• About
  • Subscribe
  • Contact
Wednesday, May 7, 2025
    Login
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
No Result
View All Result
Home General

PodChats for FutureCIO: Making a business case for DevSecOps

Allan Tan by Allan Tan
October 19, 2020
PodChats for FutureCIO: Making a business case for DevSecOps

PodChats for FutureCIO: Making a business case for DevSecOps

In the application development world, two models have stood to represent how software is built. First introduced in 1970, the waterfall method emphasizes a logical progression of steps throughout the software development life cycle (SDLC).

The six steps of a waterfall model include: requirements analysis, system design, implementation, testing, deployment and maintenance. Critics of the waterfall model cite its inability to allow for adapting to changes across the life cycle, including client feedback which usually comes in the latter stages of development.

DevOps, on the other hand, is said to complement agile principles: several standard DevOps practices such as automated build and test, continuous integration, and continuous delivery originated in the Agile world.

One of the most visible drivers of digital transformation is the imperative to deepen the relationship with the customer. This is the front-end of the discussion. Behind every digital transformation initiative is agile – viewed by many as addressing the communication gaps between customers and developers. DevOps is the behind-the-scene technical equivalent of agile addressing gaps between developers and IT operations / infrastructure.

Secure DevOps practices — also known as DevSecOps — is critical for enterprises that must rapidly develop and deploy digital innovations. It attempts to bring security into the DevOps methodology by integrating security testing into the continuous integration and continuous delivery pipelines. IDC says the ability to quickly create, deploy, and iterate high-quality software will be a core business requirement by 2023.

According to the WhiteHat Security report, 2019 Application Security Statistics Report, an average of more than 50% of apps are always vulnerable for organisations that have not adopted DevSecOps.

IDC predicts by 2024, DevSecOps will drive at least 50% of new applications in the Asia/Pacific (excluding Japan) (APEJ) region, which will have comprehensive security and compliance assessment included in the continuous delivery platform.

FutureCIO spoke to Dr Gina Smith, research manager at IDC Asia to get her perspective on the state of DevSecOps in the region.

Smith says DevOps workflows increasingly drive such digital transformation, waterfall-style security testing and policies can gum up the works. Organisations must move now to shift security left, integrating it at multiple points along the software development life cycle.

“Further, they must integrate it in a collaborative way that is at once transparent to developers yet still preserves the agility, speed and teamwork that characterizes the agile and DevOps process,” Dr Smith adds.

The October 2019 451 Research stated that only 9% of security budgets are dedicated to application security. Given the extent to which businesses are dependent on software for many aspects of operations, and how digital transformation calls for the accelerated rollout of new apps, it begs the question why application security does not appear to carry the same priority as DevOps itself – at least for now.

Related:  Big 5G Event Critical Insights eBook
Tags: 451 ResearchDevOpsDevSecOpsIDCPodchatssoftware development life cyclewaterfall methodWhiteHat Security
Allan Tan

Allan Tan

Allan is Group Editor-in-Chief for CXOCIETY writing for FutureIoT, FutureCIO and FutureCFO. He supports content marketing engagements for CXOCIETY clients, as well as moderates senior-level discussions and speaks at events. Previous Roles He served as Group Editor-in-Chief for Questex Asia concurrent to the Regional Content and Strategy Director role. He was the Director of Technology Practice at Hill+Knowlton in Hong Kong and Director of Client Services at EBA Communications. He also served as Marketing Director for Asia at Hitachi Data Systems and served as Country Sales Manager for HDS’ Philippines. Other sales roles include Encore Computer and First International Computer. He was a Senior Industry Analyst at Dataquest (Gartner Group) covering IT Professional Services for Asia-Pacific. He moved to Hong Kong as a Network Specialist and later MIS Manager at Imagineering/Tech Pacific. He holds a Bachelor of Science in Electronics and Communications Engineering degree and is a certified PICK programmer.

No Result
View All Result

Recent Posts

  • Agentic AI-powered AppSec platform launched for the AI era
  • IDC forecasts GenAI alone will grow at a 59.2% CAGR
  • Dataiku brings new AI capabilities to create and control AI agents
  • Microsoft reveals the rise of a new kind of organisation in the AI era
  • St Luke’s ElderCare enhances data security and user experience with Juniper

Live Poll

Categories

  • Big Data, Analytics & Intelligence
  • Business Applications & Databases
  • Business-IT Alignment
  • Careers
  • Case Studies
  • CISO
  • CISO strategies
  • Cloud, Virtualization, Operating Environments and Middleware
  • Computer, Storage, Networks, Connectivity
  • Corporate Social Responsibility
  • Customer Experience / Engagement
  • Cyber risk management
  • Cyberattacks and data breaches
  • Cybersecurity careers
  • Cybersecurity operations
  • Education
  • Education
  • Finance
  • Finance & Insurance
  • FutureCISO
  • General
  • Governance, Risk and Compliance
  • Government and Public Services
  • Growth Strategies
  • Hospitality & Tourism
  • HR, education and Training
  • Industry Verticals
  • Infrastructure & Platforms
  • Insider threats
  • Latest Stories
  • Logistics & Transportation
  • Management Leadership
  • Manufacturing
  • Media and Telecommunications
  • News Stories
  • Operations
  • Opinion
  • Opinions
  • People
  • Process
  • Remote work
  • Retail & Wholesale
  • Sales & Marketing
  • Security
  • Tactics and Strategies
  • Technology
  • Utilities
  • Videos
  • Vulnerabilities and threats
  • White Papers

Strategic Insights for Chief Information Officers

FutureCIO is about enabling the CIO, his team, the leadership and the enterprise through shared expertise, know-how and experience - through a community of shared interests and goals. It is also about discovering unknown best practices that will help realize new business models.

Quick Links

  • Videos
  • Resources
  • Subscribe
  • Contact

Cxociety Media Brands

  • FutureIoT
  • FutureCFO
  • FutureCIO

Categories

  • Privacy Policy
  • Terms of Use
  • Cookie Policy

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Login to your account below

or

Not a member yet? Register here

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
Login

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Subscribe