Corporate Cultural Issues Hold Back Secure Software Development

An anonymous reader shares a report: As the digital economy expands and software becomes more critical, security worries grow. In a new survey, 74 percent of respondents agree that security threats due to software and code issues are a growing concern. The study of over 1,200 IT leaders, conducted by analysts Freeform Dynamics for software company CA Technologies, finds 58 percent of respondents cite existing culture and lack of skills as hurdles to being able to embed security within processes. In addition, only 24 percent strongly agree that their organization's culture and practices support collaboration across development, operations and security. On top of cultural limitations, less than a quarter of respondents strongly agree that senior management understands the importance of not sacrificing security for time-to-market success.

Re:Welcome to DevOps...

[Junta]

Hyperbole aside, this isn't new to 'DevOps', though I will admit that in some circles it blesses the thought process.

For as long as humans have been doing things, processes in bad groups devolve to this sort of blind and mad grasping at 'productivity', and devolving into spending more time fretting about the process of seeing if work is being done than actually doing the work. Each fad promising to 'correct' the ratio of overhead of the previous fad, either never realizing or intentionally ignoring the reality that people are the problem and will pervert any methodology that purports to fix it.

Meanwhile, good teams operating within good larger organizations will succeed with whatever project management/development fad they nominally use.