Security News > 2022 > August > Security investment, toolchain consolidation emerge as top priorities

Not surprisingly, the 2022 survey results highlight security as the highest-priority investment area for organizations, with more than half of security team members stating their organizations have either shifted security left or plan to this year, according to the survey.

Security is both a top challenge and a top area of investment.

Over half of survey respondents stated that security is a performance metric for developers within their organizations, but 50% of security professionals report that developers are failing to identify 75% of vulnerabilities.

Tim Mackey, principal security strategist at the Synopsys Cybersecurity Research Center, said that because DevOps platforms touch the software powering a business, "When choosing any DevOps platform, the security of the platform itself and the security competencies it enables should always be 'must haves.' In effect, any decision about new software should be based on how it improves the current security capabilities of the business."

It's risky for organizations to depend on development teams alone for security, said Michelle McLean, vice president of API security provider Salt Security.

"It's fundamentally important to choose a DevOps platform that either has security capabilities built-in or that can easily integrate with security platforms to facilitate collaboration by security and DevOps teams,'' McLean said."Otherwise, organizations run the risk of pushing out unsecured software or introducing other risks into the software supply chain.

News URL

https://www.techrepublic.com/article/security-investments-toolchain-priorities/