Virtualization Technology News and Information
Article
Search:
RSS
Follow VMblog.com:
Improve end user experience in VDI, DaaS and physical endpoint environments
New Research From VMware Reveals Deepening Divide Between Developer and Security Teams

VMware, Inc. announced findings from a study on the relationship between IT, security, and development teams as organizations adopt a Zero Trust security model. The study, titled "Bridging the Developer and Security Divide" and conducted by Forrester Consulting on behalf of VMware, found that security is still perceived as a barrier in organizations, with 52% of developers believing that security policies are stifling their innovation.

Forrester Consulting surveyed 1,475 IT and security leaders and discovered that only one in five (22%) developers strongly agree that they understand which security policies they are expected to comply with. Alarmingly, more than a quarter (27%) of the developers surveyed are not involved at all in security policy decisions, despite many of these greatly impacting their roles. Organizations where security and development teams have a positive relationship can accelerate the software development lifecycle five business days faster than those without - demonstrating how speed to market and competitive advantage are at stake here.

Seventy-three percent of respondents agreed that their senior leadership focuses more on strengthening the relationship between development and security than they did two years ago, but relationships are still strained. In fact, more than one in three (37%) decision makers reported their organizations' teams are not effectively collaborating or taking strides to strengthen relationships between security and development teams. Lack of role definition for development teams, lack of communication between teams and competing priorities have major impacts on collaboration.

"Our research shows that security needs a perception shift," said Rick McElroy, principal cybersecurity strategist, VMware. "Rather than be seen as the team that only swoops in to fix breaches and leaks, or who ‘gets in the way' of innovation, security should be embedded across people, processes, and technologies. Security needs to be a team sport that works alongside IT and developers to ensure protection across clouds, apps and all digital infrastructure. We have to develop a culture where all teams have shared interests and common goals or metrics, and where they speak one language. There's overwhelming value to the business when IT, security, and developers are all part of the decision making, design, and execution."

Shared team priorities and engagement will pave the way forward and there's already progress being made on this front. More than half (53%) of respondents expect security and development teams to be unified within three years. And 42% expect security to become more embedded in the development process in that same period. There's a broader acknowledgment that cross-team alignment empowers businesses to reduce team silos (71%), create more secure applications (70%) and increase agility to adopt new workflows & technologies (66%).

The full study, complete with recommendations to bridge the divide between developer and security teams, can be downloaded here.

Published Wednesday, September 22, 2021 9:39 AM by David Marshall
Filed under: ,
Get This Featured White Paper: 3 Reasons Ootbi by Object First is Best for Veeam
You may also be interested in this white paper: The Cost of Internally Patching Infographic
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Customer Connect
Global Digital
DTX
DTW-NA
innovatrix
GISEC
global-digital-cx
vExpert
Calendar
<September 2021>
SuMoTuWeThFrSa
2930311234
567891011
12131415161718
19202122232425
262728293012
3456789