By Prashanth Nanjundappa, VP, Product Development, Progress
The adoption of DevOps has played a central role in software development. Organisations are aiming to bridge the gap between their development and operations teams, thereby accelerating the delivery process and enhancing the quality of software. The shift has also improved the focus on security, laying the foundation for the emergence of DevSecOps.
A survey revealed that the DevSecOps market worldwide is anticipated to achieve a Compound Annual Growth Rate (CAGR) of 32.2 per cent throughout the forecast period. The growth trajectory is expected to boost revenue from USD 2.55 billion in 2020 to USD 23.42 billion by 2028.
The rise of DevSecOps in India
DevSecOps, a collaborative methodology between development, security, and operations, places a strong emphasis on integrating security practices into the software development and deployment processes. In India, the approach has gained substantial traction due to several reasons, including a security-first mindset, adherence to compliance requirements and escalating cybersecurity threats.
A survey revealed that the primary business driver for DevSecOps adoption is a keen focus on business agility, achieved through the rapid and frequent delivery of application capabilities, as reported by 59 per cent of the respondents. From a technological perspective, the most significant factor is the enhanced management of cybersecurity threats and challenges, a factor highlighted by 57 per cent of the participants.
Businesses now understand the importance of proactive security measures. DevSecOps encourages a security-first mentality, ensuring that security is an integral part of the development process from the outset.
With stringent data protection laws, such as GDPR and India’s Personal Data Protection Bill in place, organisations operating in India must adhere to strict compliance requirements. DevSecOps ensures that these requirements are fulfilled.
India, like other regions, has witnessed a surge in cyberattacks. High-profile breaches have underscored the need for a robust security posture, and DevSecOps offers a proactive approach to mitigating these threats.
The surge in demand for skilled DevSecOps engineers
As DevSecOps gains prominence in India, there is a significant increase in demand for skilled engineers proficient in this methodology. The number of DevSecOps jobs has experienced substantial growth, with an impressive increase of nearly 20 per cent compared to the previous year.
Several factors contribute to this phenomenon, including digital transformation, global outsourcing, and the burgeoning start-up ecosystem. The trend has created a demand for engineers proficient in DevSecOps principles.
The development of skillsets
DevSecOps encompasses three primary facets: technology skills (programming, scripting, etc.), functional skills (specific domain expertise, such as mobile app development), and process, framework, and automation skills. While the focus has traditionally been on technology skills, there is a growing need for the other two. Organisations are increasingly aware that the current approach often results in silos within teams, hindering collaboration. It is recommended that organisations hire experienced individuals who can champion the DevSecOps culture and consider bringing in talent from outside to bridge skill gaps.
The emerging DevSecOps culture
DevSecOps represents a cultural shift in how software is developed, tested and deployed. In India, this cultural shift is evident in several ways:
⦁ Improves collaboration: DevSecOps promotes collaboration between development, security, and operations teams. Cross-functional teams work together seamlessly, breaking down traditional silos. About 30 per cent of the professionals expressed confidence in the degree of collaboration achieved between security and development teams.
⦁ Enhances automation: Automation lies at the core of DevSecOps. Indian organisations are increasingly automating security checks, code testing and deployment pipelines to enhance efficiency and reduce manual errors.
⦁ Fosters continuous learning: Engineers in India continuously upskill themselves by attending workshops, webinars and obtaining certifications to stay current with evolving security threats and best practices. About 40 per cent of the respondents considered the implementation of security training and upskilling initiatives across multiple stakeholders as a crucial aspect when adopting DevSecOps.
The benefits of DevSecOps
DevSecOps brings a host of benefits to the table. First, it allows for the early detection and mitigation of vulnerabilities, hence reducing the risk of security breaches. Second, it streamlines the development and deployment processes, making it faster to get your products and features out there in the market.
Also, it is cost-effective. Proactively dealing with security concerns through DevSecOps saves you money in the long run. And finally, it gives you a competitive advantage. Prioritising security and embracing DevSecOps builds trust with your customers and partners, giving you the competitive edge.
DevSecOps is gaining momentum in India as businesses recognise its importance in today’s security-conscious world. The increased demand for skilled engineers, the emergence of a DevSecOps culture and the inherent benefits of the methodology make it a cornerstone of software development in India. As technology continues to advance, DevSecOps will play a pivotal role in safeguarding digital assets and driving innovation in the country’s tech ecosystem. Embracing DevSecOps is a necessity for organisations that want to thrive in the digital age.
The future of DevSecOps will be influenced by trends, such as the growing use of cloud computing and the enablement of automated security testing and integration. Also, artificial intelligence and machine learning are helping identify vulnerabilities faster and automating security processes, reducing their risk and cost. These trends reflect the increasing significance of security in the software development process, driving DevSecOps adoption.
