What is currently holding back innovation in companies? And it is that, 3 out of 5 Spanish managers would prefer to face a natural disaster than a security problem in the software supply chain. In addition, these same executives affirm that their teams spend almost two months on average in compliance audits. This is highlighted by CloudBees in its annual CloudBees 2022 Global C-suite Security report, which reveals that security and compliance challenges are a major obstacle to the innovation strategies of most companies. “The results underscore the urgent need to transform the software security and compliance landscape. As DevOps matures, security and compliance have gained prominence as a major source of friction,” says Prakash Sethuraman, CISO at CloudBees.
Innovation in companies
Surveyed managers overwhelmingly favor a “shift left” approach, a strategy that moves software testing and evaluation early in the software development life cycle, putting the burden of software development on developers. compliance aspect. In fact, 83% of executives say that this approach is important to them as a company, and 77% say they are implementing a “shift left” approach to security and compliance. This is despite the fact that 58% of managers report that shifting security to the left places a burden on their developers.
What is currently holding back innovation in companies?
In the case of Spain, the “shift left” approach generates divided opinions. 47% of Spanish managers consider that this approach is important for them as a company, while another 47% say that it is a burden for their developer teams. Despite this, 80% state that they are implementing a “shift left” security and compliance strategy in their company.
Attacks on the software supply chain
More generally, nearly all Spanish managers surveyed (97%) say they are concerned about software supply chain attacks, with two-thirds (67%) saying they are very concerned. Despite this, 3 out of 5 managers in Spain say they would rather face a natural disaster than a security problem in their software supply chain. According to the report, there is also a decrease in the confidence that executives have in supply chain security and compliance, as well as a greater attention to this point. In Spain, 90% of those interviewed say that their software supply chain is secure, but only 1 in 5 (20%) say that their supply chain is very secure.
There are differences between countries in relation to the confidence that managers have regarding security and compliance. When you have a choice between speed and security, security wins. Management teams trust their teams. Automation is useful, but it is not available to everyone. The tools used are a mixed bag.