IT and security teams are meeting in the middle: new data shows that both sides are beginning to leverage technology typically used by the other to drive greater business transparency, security, and results.
Developers are using application security tools nearly as much as security specialists, according to analysis from 451 Research, part of S&P Global Market Intelligence. Meanwhile, Forrester Research recently forecast that security specialists will begin to adopt observability capabilities, a practice very familiar to developers.
How will this change the way organizations are designed and work? Here are three predictions for DevSecOps–and how to harness their potential.
1. Security will find untapped potential in observability data
In reality, observability data might live in a separate system that isn’t top of mind or as easy to access for security analysts. But imagine if DevOps and security teams could both make use of observability data.
Through correlated logs and traces, observability data could augment investigations and improve the experience for SREs and security analysts as they manage alert fatigue. Observability solutions could also offer managed security service providers a lens into mean time to respond (MTTR) data. Another result could be increased visibility over data, which enables incident response.
As 451 Research points out, “The monitoring data that organizations depend on to assure the performance and availability of modern technology – encompassed in the concept of ‘IT observability’ – increasingly represents a source of data directly relevant to securing the organization.”
2. Expertise will become increasingly integrated across teams
The way IT decision makers have been assigning tools across DevOps and security teams is telling, as suggested earlier by data from 451 Research. In 2015, there was a wide disparity in tool assignment, with 29% of developer teams and 71% of security teams using application security tools. By 2020, the margin had closed: 48% of developer teams and 52% of security teams used application security tools.
The data highlights that security is no longer the sole provenance of security teams, and hasn’t been for some time. Developers will need to continue building the expertise to remediate exposures without impact on critical functionality. To that end, security professionals will be expected to be literate in the tools and processes required for rapid development and deployment of technology. DevOps and security teams will need to develop enough cross-literacy in each others’ functions to collaborate in ways that promote a strong security posture without impeding development.
3. Executives will set the tone from the top down
DevOps and security both tie back to the bottom line for organizations. Reliable products generate more revenue and efficient operations control costs. Preventing a data breach mitigates damages and recovery costs that can total into the millions. The two practices seem to naturally go hand-in-hand – and it’s up to IT leaders to make this business case to their organizations.
The C-suite can influence the perception of DevSecOps as a business imperative, one that generates revenue for the organization. Executive sponsorship of DevSecOps can help move past misconceptions that shifting left adds time to value and instead promote the benefits of integrating security into the development process early.
Maximizing the possibilities of data with DevSecOps
Leaning into the future of DevSecOps could help provide more teams with actionable insights from an invaluable resource: your company’s data.
It can be said that security is a data-at-scale problem, and observability teams also need to wrap their arms around large volumes of data. Integrated expertise and greater transparency, encouraged by leadership, could open up new possibilities for enabling the business with insights from data, and doing so securely.
When it comes to the endless possibilities of data, Elastic uses the power of search to help people and organizations turn that possibility into results. In the realms of Security and Observability, for instance, Elastic offers actionable observability to accelerate root cause analysis; APM correlations have applications for understanding vulnerability exploits such as Log4j. Elastic solutions help organizations, their employees, and their customers find what they need faster, while keeping mission-critical applications running smoothly, and protecting against cyber threats.
Keep reading about why it’s time for more CISOs to embrace DevSecOps.