{"id":16148,"date":"2019-03-15T10:56:39","date_gmt":"2019-03-15T10:56:39","guid":{"rendered":"https:\/\/www.devopsonline.co.uk\/?p=16148"},"modified":"2019-03-15T11:19:05","modified_gmt":"2019-03-15T11:19:05","slug":"businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf","status":"publish","type":"post","link":"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/","title":{"rendered":"Businesses face security risks by failing to gain grasp of DevSecOps\ufeff"},"content":{"rendered":"\n

<\/p>\n\n\n\n

New research commissioned by technology services provider, Claranet, has found that 88% of UK businesses have adopted a DevOps approach but only 19% are confident in their ability to introduce DevSecOps (integration of security into their DevOps practices). <\/p>\n\n\n\n

This underlines the risks that businesses are creating for themselves \u2013 especially given how DevOps tends to outpace traditional security controls \u2013 and the work that needs to be done within IT departments to embed and automate security best practices into the entire DevOps lifecycle.<\/p>\n\n\n\n

The research, conducted by market research firm Vanson Bourne, included 300 respondents from businesses in both the UK and USA. <\/p>\n\n\n\n

It found that 47% of UK organisations have adopted a DevOps approach, with an additional 41% planning to make this a reality in the next couple of years, indicating that DevOps is becoming a de facto way of working for many IT departments.<\/p>\n\n\n\n

However, when considered alongside the fact that a fifth of organisations doubt their capability to deliver DevSecOps, it becomes clear that there is a significant disconnect between DevOps capabilities and DevSecOps readiness. <\/p>\n\n\n\n

This lack of full emphasis on security as part of the DevOps process could lead to data security issues further down the line.<\/p>\n\n\n\n

Sumit Siddarth, director at Claranet Group company, NotSoSecure<\/a>, said: “Embracing DevOps is clearly at the forefront of the minds of the majority of IT leaders across the UK, which provides some cause for encouragement. <\/p>\n\n\n\n

“But the overall lack of integration of security best practices into this process shows that, for many businesses, security is still being considered as something that is administered separately to the development lifecycle, rather than incorporated into it from end to end.<\/p>\n\n\n\n

“Given the frequent development cycles that are an inherent characteristic of DevOps, seeing security as a separate entity can slow processes down and reduce efficiency, which either compromises the agility which is so central to any DevOps philosophy, or leads to windows where vulnerabilities can be released and won\u2019t be spotted until the next security testing cycle.”<\/p>\n\n\n\n

Siddarth added: “While the benefits of DevSecOps are clear, actually making it a reality is a complex process that can\u2019t be completed overnight. Working out how to implement and automate application security \u2013 such as continuous monitoring and static analysis \u2013 within existing CI\/CD pipelines takes time and effort, so it\u2019s important that organisations receive in-depth guidance in how to make this happen. <\/p>\n\n\n\n

“Furthermore, newer approaches to security testing, such as continuous security testing, need to be used to ensure any testing approach is keeping up with the rate of change DevOps approaches allow for.”<\/p>\n\n\n\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

New research commissioned by technology services provider, Claranet, has found that 88% of UK businesses have adopted a DevOps approach but only 19% are confident in their ability to introduce DevSecOps (integration of security into their DevOps practices). <\/p>\n","protected":false},"author":15,"featured_media":16149,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"content-type":"","pmpro_default_level":"","footnotes":""},"categories":[3239,1158],"tags":[297,67,914,112],"yoast_head":"\nBusinesses face security risks by failing to gain grasp of DevSecOps\ufeff - DevOps Online North America<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops\ufeff\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Businesses face security risks by failing to gain grasp of DevSecOps\ufeff - DevOps Online North America\" \/>\n<meta property=\"og:description\" content=\"New research commissioned by technology services provider, Claranet, has found that 88% of UK businesses have adopted a DevOps approach but only 19% are confident in their ability to introduce DevSecOps (integration of security into their DevOps practices).\" \/>\n<meta property=\"og:url\" content=\"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops\ufeff\/\" \/>\n<meta property=\"og:site_name\" content=\"DevOps Online North America\" \/>\n<meta property=\"article:published_time\" content=\"2019-03-15T10:56:39+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-03-15T11:19:05+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/devopsnews.online\/wp-content\/uploads\/2019\/03\/scott-webb-274694-unsplash.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2048\" \/>\n\t<meta property=\"og:image:height\" content=\"1365\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Barnaby Dracup\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@DevOpsAmerica\" \/>\n<meta name=\"twitter:site\" content=\"@DevOpsAmerica\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Barnaby Dracup\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/\"},\"author\":{\"name\":\"Barnaby Dracup\",\"@id\":\"https:\/\/devopsnews.online\/#\/schema\/person\/712b56802bd9902d01037a7124d8d85d\"},\"headline\":\"Businesses face security risks by failing to gain grasp of DevSecOps\ufeff\",\"datePublished\":\"2019-03-15T10:56:39+00:00\",\"dateModified\":\"2019-03-15T11:19:05+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/\"},\"wordCount\":435,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/devopsnews.online\/#organization\"},\"image\":{\"@id\":\"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/devopsnews.online\/wp-content\/uploads\/2019\/03\/scott-webb-274694-unsplash.jpg\",\"keywords\":[\"cybersecurity\",\"DevOps\",\"DevSecOps\",\"security\"],\"articleSection\":[\"News\",\"Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/\",\"url\":\"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/\",\"name\":\"Businesses face security risks by failing to gain grasp of DevSecOps\ufeff - DevOps Online North America\",\"isPartOf\":{\"@id\":\"https:\/\/devopsnews.online\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/devopsnews.online\/wp-content\/uploads\/2019\/03\/scott-webb-274694-unsplash.jpg\",\"datePublished\":\"2019-03-15T10:56:39+00:00\",\"dateModified\":\"2019-03-15T11:19:05+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/#primaryimage\",\"url\":\"https:\/\/devopsnews.online\/wp-content\/uploads\/2019\/03\/scott-webb-274694-unsplash.jpg\",\"contentUrl\":\"https:\/\/devopsnews.online\/wp-content\/uploads\/2019\/03\/scott-webb-274694-unsplash.jpg\",\"width\":2048,\"height\":1365,\"caption\":\"Businesses face security risks by failing to gain grasp of DevSecOps\ufeff\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/devopsnews.online\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Businesses face security risks by failing to gain grasp of DevSecOps\ufeff\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/devopsnews.online\/#website\",\"url\":\"https:\/\/devopsnews.online\/\",\"name\":\"DevOps Online North America\",\"description\":\"by 31 Media Ltd.\",\"publisher\":{\"@id\":\"https:\/\/devopsnews.online\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/devopsnews.online\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/devopsnews.online\/#organization\",\"name\":\"DevOps Online North America\",\"url\":\"https:\/\/devopsnews.online\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/devopsnews.online\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/devopsnews.online\/wp-content\/uploads\/2020\/03\/DevOpsOnline_email.png\",\"contentUrl\":\"https:\/\/devopsnews.online\/wp-content\/uploads\/2020\/03\/DevOpsOnline_email.png\",\"width\":198,\"height\":64,\"caption\":\"DevOps Online North America\"},\"image\":{\"@id\":\"https:\/\/devopsnews.online\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/DevOpsAmerica\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/devopsnews.online\/#\/schema\/person\/712b56802bd9902d01037a7124d8d85d\",\"name\":\"Barnaby Dracup\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/devopsnews.online\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/61bcd167219e4766ab0fadcd182228fc?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/61bcd167219e4766ab0fadcd182228fc?s=96&d=mm&r=g\",\"caption\":\"Barnaby Dracup\"},\"description\":\"Barnaby Dracup is an experienced print and digital editor curating Software Testing News, DevOpsOnline, TEST Magazine and their affiliated events and products.\",\"url\":\"https:\/\/devopsnews.online\/author\/barnaby\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Businesses face security risks by failing to gain grasp of DevSecOps\ufeff - DevOps Online North America","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops\ufeff\/","og_locale":"en_US","og_type":"article","og_title":"Businesses face security risks by failing to gain grasp of DevSecOps\ufeff - DevOps Online North America","og_description":"New research commissioned by technology services provider, Claranet, has found that 88% of UK businesses have adopted a DevOps approach but only 19% are confident in their ability to introduce DevSecOps (integration of security into their DevOps practices).","og_url":"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops\ufeff\/","og_site_name":"DevOps Online North America","article_published_time":"2019-03-15T10:56:39+00:00","article_modified_time":"2019-03-15T11:19:05+00:00","og_image":[{"width":2048,"height":1365,"url":"https:\/\/devopsnews.online\/wp-content\/uploads\/2019\/03\/scott-webb-274694-unsplash.jpg","type":"image\/jpeg"}],"author":"Barnaby Dracup","twitter_card":"summary_large_image","twitter_creator":"@DevOpsAmerica","twitter_site":"@DevOpsAmerica","twitter_misc":{"Written by":"Barnaby Dracup","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/#article","isPartOf":{"@id":"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/"},"author":{"name":"Barnaby Dracup","@id":"https:\/\/devopsnews.online\/#\/schema\/person\/712b56802bd9902d01037a7124d8d85d"},"headline":"Businesses face security risks by failing to gain grasp of DevSecOps\ufeff","datePublished":"2019-03-15T10:56:39+00:00","dateModified":"2019-03-15T11:19:05+00:00","mainEntityOfPage":{"@id":"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/"},"wordCount":435,"commentCount":0,"publisher":{"@id":"https:\/\/devopsnews.online\/#organization"},"image":{"@id":"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/#primaryimage"},"thumbnailUrl":"https:\/\/devopsnews.online\/wp-content\/uploads\/2019\/03\/scott-webb-274694-unsplash.jpg","keywords":["cybersecurity","DevOps","DevSecOps","security"],"articleSection":["News","Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/","url":"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/","name":"Businesses face security risks by failing to gain grasp of DevSecOps\ufeff - DevOps Online North America","isPartOf":{"@id":"https:\/\/devopsnews.online\/#website"},"primaryImageOfPage":{"@id":"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/#primaryimage"},"image":{"@id":"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/#primaryimage"},"thumbnailUrl":"https:\/\/devopsnews.online\/wp-content\/uploads\/2019\/03\/scott-webb-274694-unsplash.jpg","datePublished":"2019-03-15T10:56:39+00:00","dateModified":"2019-03-15T11:19:05+00:00","breadcrumb":{"@id":"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/#primaryimage","url":"https:\/\/devopsnews.online\/wp-content\/uploads\/2019\/03\/scott-webb-274694-unsplash.jpg","contentUrl":"https:\/\/devopsnews.online\/wp-content\/uploads\/2019\/03\/scott-webb-274694-unsplash.jpg","width":2048,"height":1365,"caption":"Businesses face security risks by failing to gain grasp of DevSecOps\ufeff"},{"@type":"BreadcrumbList","@id":"https:\/\/devopsnews.online\/businesses-face-security-risks-by-failing-to-gain-grasp-of-devsecops%ef%bb%bf\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/devopsnews.online\/"},{"@type":"ListItem","position":2,"name":"Businesses face security risks by failing to gain grasp of DevSecOps\ufeff"}]},{"@type":"WebSite","@id":"https:\/\/devopsnews.online\/#website","url":"https:\/\/devopsnews.online\/","name":"DevOps Online North America","description":"by 31 Media Ltd.","publisher":{"@id":"https:\/\/devopsnews.online\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/devopsnews.online\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/devopsnews.online\/#organization","name":"DevOps Online North America","url":"https:\/\/devopsnews.online\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/devopsnews.online\/#\/schema\/logo\/image\/","url":"https:\/\/devopsnews.online\/wp-content\/uploads\/2020\/03\/DevOpsOnline_email.png","contentUrl":"https:\/\/devopsnews.online\/wp-content\/uploads\/2020\/03\/DevOpsOnline_email.png","width":198,"height":64,"caption":"DevOps Online North America"},"image":{"@id":"https:\/\/devopsnews.online\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/DevOpsAmerica"]},{"@type":"Person","@id":"https:\/\/devopsnews.online\/#\/schema\/person\/712b56802bd9902d01037a7124d8d85d","name":"Barnaby Dracup","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/devopsnews.online\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/61bcd167219e4766ab0fadcd182228fc?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/61bcd167219e4766ab0fadcd182228fc?s=96&d=mm&r=g","caption":"Barnaby Dracup"},"description":"Barnaby Dracup is an experienced print and digital editor curating Software Testing News, DevOpsOnline, TEST Magazine and their affiliated events and products.","url":"https:\/\/devopsnews.online\/author\/barnaby\/"}]}},"_links":{"self":[{"href":"https:\/\/devopsnews.online\/wp-json\/wp\/v2\/posts\/16148"}],"collection":[{"href":"https:\/\/devopsnews.online\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devopsnews.online\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devopsnews.online\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/devopsnews.online\/wp-json\/wp\/v2\/comments?post=16148"}],"version-history":[{"count":0,"href":"https:\/\/devopsnews.online\/wp-json\/wp\/v2\/posts\/16148\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devopsnews.online\/wp-json\/wp\/v2\/media\/16149"}],"wp:attachment":[{"href":"https:\/\/devopsnews.online\/wp-json\/wp\/v2\/media?parent=16148"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devopsnews.online\/wp-json\/wp\/v2\/categories?post=16148"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devopsnews.online\/wp-json\/wp\/v2\/tags?post=16148"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}