Security News > 2021 > April > Digital business requires a security-first mindset

While developing a seamless and successful digital mindset with a security strategy is not a simple task, the effort is crucial for the health of a company.

To help development teams write more secure code, companies must take measure of developers' existing security knowledge and workflows, as well as understand how security impacts their end users.

A GitLab survey found 68% of security professionals feel fewer than half of developers can spot security vulnerabilities later in the SDLC, while 70% of developers shared that they struggle to write secure code and need better guidance.

To make writing secure code more palatable to developers, we need to focus on adopting and creating security tools that are purpose-built for developers' needs.

Organizations must ensure that their code analysis processes are not only fast and accurate but that security workflows also fit with the way developers operate to incentivize a smooth DevSecOps process.

Organizations can strive toward a new cultural norm by encouraging a de-facto culture within development teams where best practices, security wins and caution are celebrated and rewarded, and each developer is accountable for the security of the code they write, but also given the tools they need to succeed.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/b-YNgNzyTJc/