Friday, 20 November 2020 15:16

Three in four IT leaders say COVID-19 is accelerating initiatives to secure software development process


GUEST RESEARCH: A new survey sponsored by Micro Focus underpins the importance of continuous security and automated testing throughout the software development cycle

Micro Focus (LSE: MCRO; NYSE: MFGP) has released DevSecOps: A framework for digital innovation, an IDC InfoBrief featuring findings from the IDC Asia Pacific 2020 DevSecOps Survey. The survey reveals that the ongoing COVID-19 outbreak has driven the demand for secure software development initiatives, according to 74 per cent of the respondents in Asia Pacific (APAC). The rise of DevSecOps comes at a time when IT leaders are faced with an increasingly active cyberthreat landscape, coupled with higher consumer expectations of digital offerings and application usage due to a sharp increase in online activities. However, a majority of APAC organisations are not equipped to tackle the issue at hand, with 55 per cent of the respondents ranking modest to low in terms of their DevSecOps maturity levels.     

Surveying close to 1,200 enterprise leaders across 14 APAC regions, the study looked at the state of organisational DevSecOps maturity, as well as DevSecOps activities, plans, challenges and processes. DevSecOps refers to a set of practices that add security to the software development supply chain from the planning stage to deployment, delivery and beyond. IDC's survey found that while there is awareness of the benefits of engaging in DevSecOps practices amongst IT leaders, many obstacles remain on the path to the full adoption. 

Today’s businesses recognise that efficient software development, security threats, and business agility as the top drivers of DevSecOps initiatives in APAC. But on a regional scale, only four in ten APAC leaders say they have united their DevOps and security teams to improve software development. 

Stephen McNulty, president of Micro Focus Asia Pacific and Japan, said, “Moving new digital initiatives forward quickly, especially to optimise the online experience for consumers and employees who are increasingly interacting with organisations virtually today, calls for secure and efficient software development processes. This is a defining period for relationship and digital trust building, which means organisations will need to quickly speed up DevSecOps adoption through continuous and automated security testing to effectively respond to their stakeholders’ digital needs.” 

Today, an organisation’s DevSecOps maturity level is intricately linked to its people, processes and tools—looking at stakeholder buy-in, approach to secure DevOps, and the technology used in testing and automating processes. Findings from the study reveal that the top obstacles to DevSecOps adoption are spread across the following three pillars: budget issues (15 per cent), dearth of talent or skills (13 per cent) and difficulty automating across hybrid infrastructures (13 per cent). 

Overcoming these obstacles is a priority for APAC organisations as the need for software-powered innovation rises, which translates to a greater scrutiny on application digital risks. The notion of late-stage security testing in software development is proving to be outdated in the context of today’s digital economy, where secure applications, services and platforms are the cornerstone of digital innovation. 

Amongst APAC organisation, DevOps teams are still primarily responsible for application security testing, followed by security teams. The most common security tools currently in use are software composition analysis (24 per cent), followed by interactive application security testing (19 per cent) and static application security testing (18 per cent). 

Stephen McNulty said, “The most holistic approach to DevSecOps that will play a key role in increasing organisations’ maturity level involves making security an integral part of every software development project, striving for 100 per cent automated testing, and continuously analysing application performance for potential gaps.” 

Micro Focus Fortify helps organisations jumpstart and accelerate DevSecOps adoption by integrating and automating with existing tools, frameworks and technologies within the CI/CD processes. Fortify continues its drive towards more support of modern applications with container scanning, additional language support, API scanning, and deeper CI/CD integration, allowing DevSecOps teams to further automate and scale to build secure software fast. 

Gina Smith, IDC Asia/Pacific's DevOps Research lead, said, “The pressure to fully embed security into the continuous delivery pipeline signals a major shift towards a stronger DevSecOps culture, characterised by the abandonment of siloed functional teams in favour of shared responsibilities between developers and security experts. This is a strong step in the right direction for organisations looking to adopt an end-to-end security approach and build better digital capabilities.”     

More information

The full IDC InfoBrief, DevSecOps: A framework for digital innovation, is available today. 


IDC surveyed 1,178 enterprise leaders in 14 Asia/Pacific regions—India, China, Hong Kong, Taiwan, Southeast Asia, Australia and New Zealand, Japan and Korea—about their DevSecOps activities, plans, challenges, and processes. 

Join Micro Focus on @MicroFocus

About Micro Focus

Micro Focus delivers enterprise software to empower our 40,000 customers worldwide to digitally transform. With a broad portfolio, underpinned by a robust analytics ecosystem, the company enables customers to address the four core pillars of digital transformation: Enterprise DevOpsHybrid IT ManagementPredictive Analytics and Security, Risk & Governance. By design, these tools bridge the gap between existing and emerging technologies so customers can run and transform at the same time. 

Subscribe to ITWIRE UPDATE Newsletter here


The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.



iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.


Shane Murray

Shane is Sydney based and is iTWire’s Promotional News & Content Editor. A publishing and digital veteran with 40 years of industry experience across Fairfax, News Corp and numerous digital marketing and publishing organisations, Shane works with colleagues, partners and clients to maximise digital strategies and solutions. He has a wealth of practical industry experience, having seen and been through it all before.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News