According to one survey, challenges included lack of investment and a collaborative culture; and high levels of complexity and change

In a 2022 survey of 606 IT, security, application development and Development and Operations (DevOps) decision makers in organizations with 500+ employees from 11 countries (Europe, Asia, Latin America and the United States) on Development, Security and Operations (DevSecOps) maturity and challenges faced across their organizations, five trends were discerned.

Based on the questions ranging from business priorities to technology adoption; cultural alignment and investments; and the common pitfalls and successes shared by respondents, the following are observations about the state of DevSecOps in the Asia Pacific region:

    • 97% of respondents indicated they were familiar with DevSecOps processes.
    • 45% of respondents rated their current security efforts as “above average” and 28% indicated they were thriving in their security efforts.
    • 61% indicated they were improving the management of cyber threats, while an equal percentage (59%) indicated they were increasing the agility of their business applications and managing distributed/remote work environments — with the adoption of DevOps and DevSecOps solutions.
    • 81% of respondents, when asked about which areas they were focusing on in the next 12–18 months, indicated “technology and tools” and 74% indicated “standards and security policies”.
    • The top business factors cited for driving the adoption and evolution of DevOps inside respondents’ organizations included: a focus on agility; reducing the business risk of quality, security, and downtime or performance issues; and the need to implement DevOps to support a cloud-mandate or a move to the Cloud.

Respondents that were mature in the implementation of DevOps and DevSecOps policies and practices were found to recognize the importance of security training and upskilling to maintain continued long-term collaboration between security and development teams.

According to John Yang, Vice President, Progress, which commissioned the survey, the findings indicate that “DevSecOps success had been stymied by complexity and constant change,” being under pressure to boost internet security compliance but at the same time, hampered by the complex environments and limited manpower with which they operate.