Security
Headlines
HeadlinesLatestCVEs

Headline

DevSecOps and cybersecurity skills are top priorities for enterprise IT – report

Transparency and inter-team collaboration key amid escalating threats and compliance requirements

PortSwigger
#microsoft#git#rce#auth

Transparency and inter-team collaboration key amid escalating threats and compliance requirements

Enterprise IT personnel believe cybersecurity skills are their teams’ most important technical capabilities, according to a new report from the DevOps Institute.

Ninety-two percent of respondents to the ‘Upskilling IT 2022’ survey identified security proficiencies as either ‘critical’ or ‘important’ to the execution of their team’s duties.

Next on the league table of ‘must-have technical skills’ was demonstrable knowledge of cloud computing technologies, followed by container orchestration, modern computing technology and architectures, and application technologies.

Must-have frameworks

Cited as ‘critical’ or ‘important’ by 93% of those polled, DevOps and DevSecOps topped the rankings for “must-have processes and frameworks” for enterprise IT staff.

The DevOps model is geared towards automating and integrating IT and software development functions, while DevSecOps aims to embed security as a priority and shared responsibility throughout the development lifecycle.

The next most important operating models, according to respondents, were agile practices, site reliability engineering (SRE), design or system thinking, and IT Infrastructure Library (ITIL).

Catch up with the latest DevSecOps news

The relationship between DevOps teams and security personnel is improving, contends the DevOps Institute, with 46% agreeing there was close collaboration between the two teams within their organization, as demonstrated by regular joint meetings and productive use of other communication channels.

Another 28% said there was ‘some’ collaboration between the teams. However, only a small minority intimated that the DevSecOps dream had been fully realized, with 6% claiming that the DevOps and security teams had truly merged into a single unit.

“In a world of escalating threats and increasingly ramped up compliance requirements, transparency, collaboration, and context among development, operations, and security teams is absolutely critical,” David DeSanto, GitLab vice president of product, is quoted as saying in the report.

‘Human skill gaps’

Now on its fourth edition, the report also reveals that teams are spending 54% of their time on tool-related upskilling or training, but are impeded by time constraints more than any other factor.

“I am tempted to conclude the following: individuals are saying ‘upskilling is not a priority for me unless it is technical’,” said the DevOps Institute’s chief research officer, Eveline Oehrlich, in a press release.

“I would advise taking a look at the human skill gaps, which (according to our survey) are collaboration and cooperation, creativity, and entrepreneurship and interpersonal skills. Unfortunately, without developing these human skills, success, and outcomes will be difficult to achieve.”

The DevOps Institute, a membership-based professional association and certification authority, polled 2,476 survey respondents involved in application development in 120 countries.

The report is available in global, Americas, EMEA, and APAC versions.

YOU MIGHT ALSO LIKE SharePoint RCE bug resurfaces three months after being patched by Microsoft

PortSwigger: Latest News

We’re going teetotal: It’s goodbye to The Daily Swig