ISACA: Eight Reasons to Address Security and Culture Shifts Earlier in DevOps
Mumbai (Jan. 17, 2015): The ultimate goal of DevOps is to improve business efficiency to meet market demands—but companies are overlooking twokey components in the development and operations process, which can lead to significant problems, according to global IT association ISACA:
A shift in company culture
“IT security must be part of the design and development phases of DevOps,” said ISACA International President Robert E Stroud, CGEIT, CRISC. “Too often, organizations try to incorporate securitylate in the game, which can increase the cost and the risk of failure.”
Organizations must also make sure their culture supports DevOps.
“DevOps requires flexibility and individuals who are willing to collaborate, share knowledge and be accountable,” Stroud said. “It also requires a company culture that embraces IT as a business partner.”
Incorporating security and cultural factors into earlier phases—along with ensuring the company’s processes and tools work in conjunction to support DevOps adoption—helps ensure successful adoption and eight key business performance benefits:
1. Reduce time to market
2. Faster return on investment
3. Improved performance
4. Better quality
5. Greater customer satisfaction
6. Reduced IT waste
7. Improved supplier and business partner performance
8. Reduced human factor threat
“Organizations can benefit tremendously from DevOps,” said Stroud, who is also vice president of strategy and innovation at CA Technologies. “But addressing security and cultural needs early on is a key success factor. When done right, DevOps can reduce enterprise risk and cost and enable technology to change at the speed of the business.”
"With India as global leader in IT, customer concerns as regards security and privacy in software development life cycle and deliverables have been amongst the long standing concerns of Indian software companies,”says Vittal Raj, international vice president of ISACA. " Incorporating the Eight security and culture shifts in DevOps from ISACA can not only help address the concerns but also enable the Indian software industry stay ahead of the expectation curve."
ISACA explains critical successful factors for DevOps adoption, as well as seven critical challenges to overcome, in a free guide released today, titled DevOps Overview. Thisis the first in a series, and additional guides on DevOps risk and governance, security, and assurance will be issued later in 2015.
To download a free copy of the guide, visit www.isaca.org/DevOpsguide.