IT professionals need more security training for DevOps
New research has revealed that software developers are not receiving the training necessary to be successful at DevOps in their current positions.
According to the 2017 DevSecOps Global Skills Survey sponsored by Veracode and DevOps.com, 65 percent of DevOps professionals believe that knowledge of DevOps is essential when starting a career in IT. However, 70 percent believe that they did not receive the necessary training through formal education to be successful in today's DevSecOps world, which integrates security into the development and testing of software.
Despite the fact that nearly 80 percent of those who responded to the survey hold either a bachelor or master's degree in computer science, there is still an overwhelming lack of cybersecurity knowledge prior to entering the workforce. A large majority of those surveyed (70 percent) said that the security education they received did not fully prepare them for what their positions require.
Alan Shimel, the editor-in-chief at DevOps.com stressed the need for organizations to fill in the missing gaps in their employees cybersecurity knowledge, saying:
"With major industry breaches further highlighting the need to integrate security into the DevOps process, organizations need to ensure that adequate security training is embedded in their DNA. As formal education isn’t keeping up with the need for security, organizations need to fill the gap with increased support for education."
The survey also revealed that slightly less than half of respondents said their employers paid for additional training since they joined the workforce and almost seven out of 10 developers reported that organizations provided them with security training that was inadequate.
Veracode's VP of engineering, Maria Loughlin noted that the recent surge in ransomware attacks is a prime example of why increased cybersecurity training is required, saying:
"WannaCry and Petya are just two recent examples of large-scale cyberattacks that further demonstrate the importance of security in today’s exceedingly digital world. Despite this apparent need, security practices and secure software development isn’t required to earn a degree in IT or computer science."
"Our research with DevOps.com highlights the fact that there are no clear shortcuts to address the skills gap. Higher education and enterprises need to have a more mature expectation around what colleges should teach and where organizations need to supplement education given the ever-changing nature of programming languages and frameworks. The industry will have to come together to ensure the safety of the application economy."
The 2017 DevSecOps Global Skills Survey was commissioned by Veracode and conducted by DevOps.com with almost 400 DevOps professionals participating worldwide.
Published under license from ITProPortal.com, a Future plc Publication. All rights reserved.