CA Technologies Study Reveals Existing Culture and Lack of Skills as Key Hurdles for Hong Kong Companies to Create a Secure Software Development
A New Mindset of Secure Software Development is Required for Companies to Thrive in the Digital Economy
CA Technologies (NASDAQ:CA) has revealed the results of a global survey of more than 1,200 IT leaders on the topic of secure software development. Conducted by IT industry analyst firm Freeform Dynamics, the new report, entitled “Integrating Security into the DNA of Your Software Lifecycle,” highlights the influence of an organization’s culture on its ability to integrate security practices into their software development initiatives, a practice and approach commonly known as DevSecOps.
Today’s digital economy is fueled by software. When software is developed with security integrated from the start, the risk of data breaches is greatly diminished, providing users with heightened levels of confidence and trust when engaging with applications and services that are so ubiquitous in our online world.
According to survey respondents, the majority of Hong Kong organizations confirmed that software development supports growth and expansion (94 percent), helps businesses stay competitive (91 percent) and drives digital transformation (81 percent). However, the findings show that as software becomes more critical to business success in the digital economy, security concerns are exponentially on the rise. In fact, 70 percent of Hong Kong respondents agreed that security threats due to software and code issues are a growing concern. CA Veracode’s State of Software Security Report 2017 found that vulnerabilities continue to crop up in previously untested software at alarming rates, with 77 percent of apps having at least one vulnerability on initial scan.
Creating a culture of secure software development is a major challenge, according to the survey findings. An overwhelming 91 percent and 90 percent of Hong Kong respondents cited existing culture and lack of skills as hurdles to being able to embed security testing and evaluation within software development processes respectively. Only 19 percent of respondents strongly agreed that the organization’s culture and practices supported collaboration across development, operations and security. On top of cultural limitations, only 10 percent of respondents strongly agreed that senior management understands the importance of note trading off security for time-to-market.
“Security is a key principle in any Modern Software Factory. While our survey findings confirmed an overarching recognition in the importance of ensuring that data and systems are built and maintained securely, there is still a lack of cultural adoption within organizations around this pressing issue,” said Nick Lim, vice president, ASEAN and Greater China, CA Technologies. “When coupled with security, intelligent IT – the use of artificial intelligence, machine learning and analytics to make better, more informed decisions – can dramatically change the way that business is done.”
The report showcases characteristics of “Software Security Masters” (representing 32 percent of organizations in Asia Pacific and Japan overall and 17 percent of respondents in Hong Kong), which are organizations that have been able to fully integrate security into their software development lifecycles. This includes conducting early and continuous application testing for security vulnerabilities, as well as embracing the practice of DevSecOps.
In fact, when compared with the mainstream, respondents from the Software Security Masters were nearly three times more likely to strongly agree that they viewed security as an enabler of new business opportunities. Software Security Masters in the Asia Pacific and Japan (APJ) region also exhibited the following attributes:
● 50 percent higher profit growth
● 50 percent higher revenue growth
● Are 2.8x more likely to have security testing keep up with frequent app updates
● Are 3.2x more likely to be outpacing their competitors
“Organizations labeled as “Software Security Masters” see a strong correlation between embedding security in the DNA of software development and achieving strong top and bottom line performance. Not only do they exemplify and represent the cultural mindset necessary to adapt and thrive in today’s dynamic market, these organizations are influencing change within the industry while shaping the workplace of the future,” concluded Lim.
The global online survey of 1,279 senior IT and business executives was sponsored by CA Technologies and conducted by industry analyst firm Freeform Dynamics in July 2017. It was augmented by in-depth telephone interviews with key industry executives. For full survey methodology details, please see the report, “Integrating Security into the DNA of Your Software Lifecycle.”
Download the full report and other supporting materials:
● Report: Integrating Security into the DNA of Your Software Lifecycle
● Blog: The Competitive Edge of DevSecOps
About Freeform Dynamics
Freeform Dynamics is an IT industry analyst firm. Through research and insights, the firm aims to help busy IT and business professionals get up to speed on the latest technology developments, and make better-informed investment decisions. For more information, and access to a library of free research, please visit www.freeformdynamics.com.
About CA Technologies
CA Technologies (NASDAQ: CA) creates software that fuels transformation for companies and enables them to seize the opportunities of the application economy. Software is at the heart of every business in every industry. From planning, to development, to management and security, CA is working with companies worldwide to change the way we live, transact, and communicate – across mobile, private and public cloud, distributed and mainframe environments. Learn more at www.ca.com.
Follow CA Technologies
Social Media Page
Copyright #169; 2018 CA Inc. All Rights Reserved. All trademarks, trade names, service marks, and logos referenced herein belong to their respective companies.