The fast-tracked, pandemic-fuelled digital transformation in the financial services sector this year has led to a recalibration of the competitive landscape.
The rapid shift to digitisation among the traditional providers has levelled the playing field in their digital experiences offering, the primary differentiator for neo-banks and new entrants.
According to a new study by IDC Financial Insights, 44% of the top banks in APAC are now focused on completing their “connected core” transformation and working on platform-based and componentized modernisation, as well as open API-enablement.
The same study also estimates that by 2022, 60% of retail banking products and services would be rendered through banking-as-a-service cloud platforms, by challenger banks and digital banks in the region.
Both traditional and emerging providers need to capitalise on technology forces to modernise their innovative processes and deliver value faster to customers. The pressure to produce better code faster has never been more intense.
Rise of DevSecOps
An increasing number of Asia-Pacific and Japanese organisations choose DevSecOps to bring traditionally siloed developers, security and operations teams together.
They use single collaboration platform, where they count on continuous integration and continuous deployment to speed up their software innovation cycle times.
Continuous integration (CI) is a way to tackle the always tedious and time-consuming job of testing code and it does so in a way that does not add any extra burden to developers. Code tests and checks are automated and the results are delivered back to the developer. CI also allows developers to split tests and builds across different machines which cuts the time involved and make multitasking possible.
Continuous deployment (CD) picks up where CI leaves off — tested and checked code can be automatically deployed to production using the CI server.
Together, CI/CD represent a way to automate the most time-consuming steps in software development and deployment.
Solving universal problems in software development and deployment
Virtually every provider struggles with the same set of problems that CI/CD can potentially solve.
Toolchain sprawl is pervasive — a surprising number of companies use more than 15 toolchains and that of course means time and human resources to maintain it all.
An integrated out of the box CI/CD solution eliminates that problem and frees up resources for things that matter.
Even where teams are better organised as DevOps, it can still feel like it is Devs vs. Ops because the priorities of the two groups are so wildly dissimilar. Developers are incentivised to create new features while Operations are rewarded by having a stable environment.
CI/CD can help bring those opposing forces together around a single toolchain and let each group do what they do best without playing the blame game.
Code can also get stale while waiting around to either be tested or for devs to get energised about “context switching.” CI/CD can tighten that loop to minutes rather than days or weeks ensuring everyone is working as efficiently as possible.
And while CI/CD is often hailed as a boon to developers, it’s worth pointing out some concrete benefits to age-old Ops problems.
An integrated CI/CD solution will bring automatic monitoring so error rates and infrastructure costs can suddenly be measured easily.
And automated deployments free Operations to focus on value-added tasks rather than waiting around for developer hand-offs.
With the pace of work accelerating, some important details are easily overlooked or underestimated. Security is often a bottleneck to faster releases but it is much too risky to minimise or ignore.
DevSecOps brings security to the front of your development pipeline. With a shift-left strategy, security scans can be automated into every code commit, providing the opportunity to strike a balance between risk, cost, and agility.
Shifting left is not just about technology – it’s also about people. Introducing security into your initial planning will ensure that security needs are accounted for in all stages of the life cycle. This will help streamline end-of-cycle security reviews, reduce friction between teams, and increase the likelihood of hitting your deadline with a secure product.
Measure Success
CI/CD can bring solid benefits but it’s vital to understand how to measure success or recognise under-performance. A good place to start is with cycle time. We like to think of cycle time as the period between starting work on an idea and delivering it to production or into the hands of the end user.
Your definition may vary but what matters is to compare cycle time without CI/CD to cycle time with CI/CD. Some companies report cycle times that took months now take hours with an integrated CI/CD solution
Time to value is another factor to consider because, done right, CI/CD should shorten that timeframe dramatically. Companies should also consider uptime, error rates and infrastructure costs.
Addressing the culture change
Traditional banks transitioning to CI/CD often witness dramatic cultural shifts on the engineering team. An IDC survey in 2019 found that internal culture and training issues remained the biggest obstacles to wholesale DevOps adoption in APAC.
In our regular conversations with large APAC organisations, many IT leaders concurred, acknowledging that a key step in their transitions is understanding what barriers stand between different teams.
In the new world, silos between teams and responsibilities can’t be tolerated anymore. GitLab’s fourth annual DevSecOps survey revealed that the lines are blurring between developers and operations teams.
There also continues to be a clear disconnect between developers and security teams, with uncertainty about who should be responsible for security efforts.
To achieve successful DevSecOps transformation, leaders need to figure out how to improve collaboration across different teams and encourage rapid, continuous learning and improvement, especially from their mistakes.
By enabling a seamless flow of information across the different teams, encouraging them to take what they learn and iterate again, organisations stand to unlock true agility to the development and deployment process.
The impact of the current crisis has already initiated a changed mindset and focus on digital transformation at all levels of the industry. CI/CD can bring speed, consistency and even happiness into your innovation efforts. It will change what is possible for traditional and emerging providers when it comes to designing, developing and deploying software.
