Traditionally, most executives have thought of security as a necessary evil – an investment that was needed solely to avoid a bad outcome, but not something that would bring in new customers or boost revenue. But that seems to be changing. Veracode recently surveyed IT and business leaders to find out how well organizations are integrating security throughout the development process – a methodology known as DevSecOps.
The survey results highlight the effect of doing security right on the bottom line: analysis shows a clear correlation between how effectively security is managed in the development cycle and improving revenues and profits.
The research found that organizations that are making progress in the shift toward true DevSecOps outperform those organizations that lag in adoption. These security-minded organizations are:
- 2.6 times more likely to have security testing keep up with frequent app updates
- 2.4 times more likely to be leveraging security to enable new business opportunities
- 2.5 times more likely to be outpacing their competitors
- Have 50 percent higher profit growth and 40 percent higher revenue growth
What’s behind these numbers? Ayman Sayed, president and chief product officer at Veracode, recently sat down with Evan Schuman to discuss the results and what they imply. Listen to Veracode’s AppSec in Review podcast episode 14 to find out why shifting security left in the development cycle is about more than cost avoidance and how it can affect your bottom line.