Only 30% of enterprises have achieved full implementation of DevSecOps practices at present, the Cloud Security Alliance said in its Secure DevOps and Misconfigurations 2021 report, while some organizations that are adopting DevSecOps are facing setbacks from misconfigurations caused by keeping security settings on default, according to DevOps.
The slow pace of DevSecOps rollouts comes amid companies’ recognition of the need to implement tighter security measures earlier in the development pipeline in response to the increasing prevalence of cyberattacks, though most organizations are failing to bring their DevSecOps practices to full maturity because of poor visibility, lack of training, and inadequate internal guidance and access to security resources, according to the report.
Of the 90% of companies that reported being on the path to embracing DevSecOps, 24% said they are in the planning stage, 18% are fine-tuning their DevSecOps strategy, and 18% are still in the design phase. Meanwhile, 10% of polled security professionals said they do not plan to implement DevSecOps at all.
TechCrunch reports that major U.S. healthcare revenue and payment cycle management provider Change Healthcare had its systems targeted by a cyberattack on Feb. 20, which resulted in the loss of access across most of the prescription processor's login pages.