Software intelligence company
Dynatrace announced the results of an independent global survey
of 1,300 CIOs and senior DevOps managers in large organizations. The
findings revealed the increased difficulty of maintaining software
reliability and security as the demand for continuous release cycles and
the rising complexity of cloud-native environments create more risk for
undetected defects and vulnerabilities to escape into production. CIOs
and senior DevOps managers are looking to DevSecOps processes, the
convergence of observability and security, and the increased use of AI
and automation to balance accelerated innovation with reliability and
security. The complimentary
2023 Global CIO Report, "Observability and Security Convergence: Enabling Faster, More Secure Innovation in the Cloud," is available
here.
The research reveals the following:
-
90% of organizations say digital transformation has accelerated in the past 12 months.
-
78% of organizations deploy software updates into production every 12
hours or less, and 54% say they do so at least once every two hours.
-
DevOps teams spend nearly a third (31%) of their time on manual tasks
involving detecting code quality issues and vulnerabilities, reducing
the time spent on innovation.
-
55% of organizations make tradeoffs between quality, security, and user experience to meet the need for rapid transformation.
-
88% of CIOs say the convergence of observability and security practices
will be critical to building a DevSecOps culture, and 90% say increasing
the use of AIOps will be key to scaling up these practices.
"It's difficult for teams to accelerate the pace of innovation while
also maintaining the highest quality and security standards," said Bernd
Greifeneder, Founder and Chief Technology Officer at Dynatrace. "More
frequent software deployments, combined with complex cloud-native
architectures, make it easier for errors and vulnerabilities to escape
into production where they impact customer experience and create risk.
There simply aren't enough hours in the day for teams to test code as
thoroughly as when they had only a single monthly deployment, but
there's no margin for error in today's ultra-competitive, always-on
economy. Something has to change."
Additional findings from the survey include:
-
Organizations plan to increase their spending on automation across
development, security, and operations by 35% by 2024, as they invest
more in continuously testing software quality (54%) and security (49%)
in production, automatic vulnerability detection and blocking (41%), and
automating release validation (35%).
-
70% of CIOs say they need to improve their trust in the accuracy of AI's
decisions before they can automate more of the CI/CD pipeline.
-
94% of CIOs say extending a DevSecOps culture to more teams is key to
accelerating digital transformation and driving faster, more secure
software releases.
"Organizations know that manual approaches aren't scalable," continued
Greifeneder. "Teams can't afford to waste time and effort chasing false
positives, searching for vulnerabilities whenever a new threat alert
appears, or conducting forensics to understand whether data has been
compromised. They need to work together to drive faster, more secure
innovation. Automation and modern delivery practices such as DevSecOps are key to this, but teams need to trust that their AI is reaching the right conclusions about the impact of a particular vulnerability.
To accomplish this, organizations require a unified platform that can
converge observability and security data to eliminate the silos between
teams. By bringing their data together and retaining its context, DevOps
and security teams can unlock the insights they need through causal AI.
This enables them to harness intelligent automation to rapidly deliver
high-performing and secure applications that delight their users."