Security and compliance issues hold back innovation
Three quarters of C-suite executives responding to a new survey say that compliance challenges and security challenges limit their company's ability to innovate.
The study from software delivery platform CloudBees also shows executives overwhelmingly favor a shift left approach, a strategy of moving software testing and evaluation to earlier in the development lifecycle, placing the burden of compliance on development teams.
For 83 percent of C-suite executives the shift left approach is important for them as an organization, 77 percent say they are currently implementing this security and compliance approach. This is despite 58 percent of C-suite executives reporting that shift left is a burden on their developers.
"These survey findings underscore the urgent need to transform the software security and compliance landscape. As DevOps matures, security and compliance have taken center stage as a source of significant friction," says Prakash Sethuraman, chief information security officer, CloudBees. "While shift left is a popular talking point, it is not yielding the desired results. Instead, it is further burdening development teams and taking their attention away from value-added work. What's needed is a new mindset and a fresh approach, one in which security and compliance are continuous and actually speed innovation."
The survey also shows a drop in the confidence of software supply chain security and compliance, as well as a greater focus in this area. In 2022, 88 percent of executives say their software supply chain is secure or very secure, down from 95 percent in 2021. In addition, 33 percent believe their software supply chain to be completely compliant -- a decrease of 19 percent from the previous year. Plus, 86 percent are focusing more on compliance now than two years ago, and 82 percent express more concern about attacks.
You can read more and get the full report on the CloudBees blog.