Cloud Security, Cloud Security

Report: Implementation of DevSecOps still lagging

Only 30% of enterprises have achieved full implementation of DevSecOps practices at present, the Cloud Security Alliance said in its Secure DevOps and Misconfigurations 2021 report, while some organizations that are adopting DevSecOps are facing setbacks from misconfigurations caused by keeping security settings on default, according to DevOps. The slow pace of DevSecOps rollouts comes amid companies’ recognition of the need to implement tighter security measures earlier in the development pipeline in response to the increasing prevalence of cyberattacks, though most organizations are failing to bring their DevSecOps practices to full maturity because of poor visibility, lack of training, and inadequate internal guidance and access to security resources, according to the report. Of the 90% of companies that reported being on the path to embracing DevSecOps, 24% said they are in the planning stage, 18% are fine-tuning their DevSecOps strategy, and 18% are still in the design phase. Meanwhile, 10% of polled security professionals said they do not plan to implement DevSecOps at all.

Related

New Muddled Libra attacks set sights on cloud

Attacks by the Muddled Libra threat operation — also known as UNC3944, Scattered Spider, Scatter Swine, and Starfraud — have been redirected at cloud service providers and software-as-a-service apps as part of efforts to bolster its data extortion efforts, reports The Hacker News.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.