Posted by Mumbai: When it comes to incorporating security testing with software development life cycle (SLDC), Indian organisations aren’t faring well. In fact, an IDC DevSecOps survey revealed that only 21% of Indian organisations incorporate security testing at the earliest stage of the software development life cycle (SDLC). That implies DevSecOps adoption remains low among Indian organisations.
Low DevSecOps adoption and security challenges
And this low adoption of DevSecOps also means that these Indian organisations could encounter security issues in software development and applications as well as make them prone to cyberattacks.
“India organisations are dedicating significant budgets to their software development life cycle (SDLC) and increasingly incorporating agile and DevOps methodologies,” said Rithika Ponnala, Senior Research Analyst, Digital Transformation Practice, IDC India.
“However, the organisations need to realise the importance of incorporating security across the SDLC,” added Ponnala.
“Explosion of new applications results in the increase of cybersecurity attacks too. As a result, DevSecOps gains momentum and IT leaders aim towards integrating security early in the development cycle,” said Neha Gupta, Senior Research Manager, IDC India.
As organisations face these challenges, leaders are looking to change their strategies. Organisations are prioritizing accelerating innovation and application delivery by uniting security with DevOps, as per the survey.
Key findings from this report on DevSecOps adoption among Indian organisations are:
Acceleration of innovation and application delivery: Uniting security with DevOps, cloud nativity, and sustained testing/analysis are the top three priorities of Indian organisations to accelerate innovation and application delivery.
Speed is driving DevSecOps adoption: The need for faster delivery, increasing security concerns, and agility are the top drivers of DevSecOps initiatives across Indian organisations
Challenges with lack of right tools: Indian organisations cited lack of automated/integrated tools, automating across hybrid environments, and budget constraints to be the biggest obstacles.
Opportunity for service providers: The majority of Indian organisations are already relying/foresee the need to rely on consultancies for implementing DevSecOps.