Despite the issues being widespread, 80% of organisations planning to adopt DevSecOps are ignoring the necessary steps to change attitudes
London, UK – 04 December, 2023: Almost half of organisations (45%) working with DevSecOps said its practices are failing to work as hoped, undermining their efforts to improve security, quality, and consistency in software production, according to research commissioned by Capacitas surveying large UK businesses and public sector organisations.
Worryingly, over half (51%) of IT decision makers report outright resistance to change among their teams whilst 47% say there is insufficient cross-team collaboration. More than half of respondents (53%) at organisations where DevSecOps is already implemented say they fail to see high levels of engagement and ownership of application performance and security.
Despite these significant barriers, 80% of organisations currently planning their DevSecOps implementations are overlooking culture as a key area that requires attention.
Thomas Barns, Service Design Director, Capacitas said: “The research highlights a consistent failure to appreciate and prioritise the cultural aspects of DevSecOps, which is about people and processes, not just technology.
“More than half of organisations (57%) believe they can get DevSecOps embedded and operating as desired within six months. For some this might be possible, but corners should not be cut to make this happen if it’s taking longer. Time needs to be taken to embed the DevSecOps culture shift if the investment is going to work in a sustainable manner for the business and its people.”
The results indicate that training is a factor which is being neglected, acknowledged by one-third of respondents (33%) as one of their main challenges when seeking to get teams to embrace DevSecOps practices. However only 26% of those about to adopt DevSecOps had made plans to include internal training in their roadmap, highlighting how skills gaps and needs are being underestimated.
Most adopters are looking for DevSecOps to boost team productivity as well as quality and consistency. Whilst the research found that most organisations operating with DevSecOps have seen improvements in several areas, only 40% report significant improvements in deployment frequency or in lead time for change. Tackling the cultural and skills issues in adoption of DevSecOps is critical to realising the value that IT decision makers are looking for.
Ends.
Capacitas is a highly experienced hyperscale cloud consultancy headquartered in the UK, uniquely effective at enabling businesses to achieve major efficiencies that power growth and innovation. With over 20 years’ experience of working with scaled, complex systems that have tough challenges in high-profile and well-known organisations, such as EasyJet, Skype, JD Sports, Ancestry, and more, Capacitas challenges the cloud status quo. This means finding a better way for any organisation to be totally cloud-confident in the face of growing demand on systems and increasing complexity, optimising cost while maximising performance and scalability – all impacting the bottom line. Many of its competitors do one of these, none do all.
About the survey
Commissioned by Capacitas, this survey was completed by Censuswide, which questioned 200 senior decision-makers at large UK business and public sector organisations which have either already implemented DevSecOps, are in the process of implementation, or are planning to in the near future.