52% of Companies choose to sacrifice cyber-security to speed
According to an Thread Stack survey, seems that there the companies choose to ignore some cyber security practices that might affect business deadlines or objectives.
Some of the key findings:
- 68% of companies state that their CEOs demand DevOps and security teams not do anything to slow the business down
- 62% say their Ops teams push back when asked to deploy secure technology
- 57% say Ops teams push back on security best practices
Although most organizations agree that everybody should be responsible when we talk about security, the principle doesn’t hold on day-to-day practices. When talking about Operations Team seems they have little to no training in basic security practices that being translated in servers not configured securely. The Operations Team have an assigned security specialist in only 27% of the organizations surveyed. And things dont stop here. Developers can’t code securely: more than 44% of developers aren’t trained and don’t have basic knowledge about coding in a secure way.
Having this said should be no surprise that 60% of respondents to the survey admit that security is not being integrated into DevOps processes.
With this in mind more than half of SecOps profesionals rate the security of their organization’s cloud infrastructure and environment as “average or worse”.
You can read full report at SecOps report 2018