Software vendors must accelerate DevSecOps adoption for reliable, resilient product delivery

Software industry IT leaders face constant pressure to deliver innovation faster to stay ahead of their competition. End users can easily change providers if they fail to receive the immersive and innovative experiences they expect. In a highly connected world, bad news travels fast. Therefore, any mishaps can affect the brand and its growth.

According to the latest Dynatrace research, which polled 150 IT leaders in software organizations, 81% of respondents say digital transformation has accelerated in the past 12 months. Additionally, nearly one quarter (24%) expect it to continue to speed up in the future.

Weighing speed, quality, and security tradeoffs

In addition to myriad benefits, digital transformation has brought complexities. CIOs in the software sector report their critical applications are now changing at a rapid rate. Almost one-third (27%) of IT leaders say their applications change every second, 37% say it is every minute, and 14% have to cope with changes every hour.

The unrelenting pace is forcing software vendors to make difficult tradeoffs. More than half (53%) of IT leaders confirm their organizations are forced to make choices among quality, security, and user experience to ensure they meet the need for instant service delivery.

Further, 43% of IT leaders state they are forced to sacrifice code quality, and 29% say they sometimes sacrifice security. These tradeoffs can be costly for software vendors, with vulnerabilities and poorly executed code resulting in substandard user experiences and dissatisfied customers.

A new approach for the software industry

As every aspect of every business is transformed with digital applications, the software sector is struggling to cope with demand. This is worsened by ongoing skills shortages. 74% of software CIOs confirm that a shortage of skilled developers makes it difficult to keep up with demand. However, IT leaders in the industry don’t believe hiring is the answer. Only 38% of CISOs agree that employing more IT operations, DevOps, and site reliability engineering professionals will help overcome complexities.

Rather, 86% believe extending a DevSecOps culture to more teams and applications will be key to accelerating digital transformation and driving faster, more secure software delivery. But the wider adoption of this practice is still in its infancy. Just 27% of CIOs say most or all of their teams adhere to a DevSecOps culture currently.

Software IT leaders report the following key barriers to embracing a DevSecOps approach:

• Security teams do not trust developers (57%).
• Developers perceive security teams as a blocker to innovation (53%).
• A siloed culture between DevOps and security teams leads to resistance to collaborating (42%).
• A lack of a unified platform for DevSecOps leads to multiple versions of the truth (19%).

For DevSecOps approaches to provide real benefits for software vendors, CIOs must find a way to overcome these adoption barriers.

The need for automation is greater than ever

With growing pressure to sustain high-quality software that powers end-user interactions, software IT leaders must empower teams to work quickly and securely. Previous manual approaches are no longer scalable.

To address this, software CIOs are increasing their investment in automation with the following:

• Shift-right security automation to continually detect and block vulnerabilities in production (42%);
• Continuously testing software quality and security in production (42%);
• AIOps-driven root-cause analysis (37%); and
• Closely aligning business, development, security, and operations teams (33%).

Converging observability and security is crucial

In the fast-paced software sector, teams require crucial contextual analysis to assess issues quickly and take action to resolve them. This is best achieved by converging observability and security on a single, AI-powered platform that breaks down barriers between teams and brings together all the data they need.

In fact, 93% of software CIOs believe increasing the use of AI and automation across DevOps and security will be key to scaling up DevSecOps practices. And 90% say the convergence of observability and security will be critical to building a DevSecOps culture.

Learn how Dynatrace can help you build and mature a successful DevSecOps culture so you can deliver reliable and resilient software at the speed your business demands.