The previous chapter in this WhiteHat Security series discussed Codebase as the first step of the Twelve-Factor App and defined a security best practice approach for ensuring a secure source control system. Considering the importance of applying security in a modern DevOps world, this next chapter examines the security component of step two of the Twelve-Factor methodology. Here follows some actionable advice from the WhiteHat Security Addendum Checklist, which developers and ops engineers can follow during the SaaS build and operations stages ...
A recent Gartner survey found that 41 percent of surveyed IT professionals believe their IT organization to be ready for the digital business of the next two years. 29 percent of those surveyed said that engagement with the demands of digital business would be their primary duty or a significant part of their duties.
In the first quarter of 2016, Gartner surveyed 948 Gartner clients across 30 countries. Those surveyed were IT professionals representing many job categories and technology disciplines and were asked about their role in their organization’s efforts to transform itself in order to meet the challenges of digital business.
"IT professionals indicate that their investment priorities, infrastructure changes, skills development and business-IT interactions are in flux, and that they are unsure how their IT organisation will make it through any digital transformation," said John Hagerty, VP and Distinguished Analyst at Gartner. "For some, change is coming too fast. For others, it's not coming fast enough. Many know they need to change, to think and act differently, but they struggle with these shifts. Many find it hard to balance today's demands — including simply keeping their organisation running — with tomorrow's must-haves."
Most IT Organizations Are Unprepared for Digital Business Changes
91 percent of the surveyed IT professionals are in no doubt that they have a role to play in their organization’s digital transformation. However, 59 percent added that their IT organization is unprepared for the digital business of the next two years.
The latter finding highlights a real concern. Uneasiness about how well IT organizations are prepared reflects skills deficits in both technological and non-technological areas.
Cloud Technology Will Have Most Influence on IT Professional Jobs
The survey found that the technologies areas that will most influence IT professionals' jobs and careers in the next 18 months are considered to be cloud computing, analytics, mobility and security.
"Emerging technologies in fields such as cloud computing, mobility, and data and analytics, in addition to security and risk management, are permeating nearly every aspect of the IT landscape," said Hagerty. "It's essential that IT professionals identify and fill the main technology- and effectiveness-related skills gaps now — otherwise, they risk impeding their organization’s progress toward strategic goals."
The surveyed IT professionals identified the cloud as the technology that will have the single-biggest impact on their career in 2016. 22 percent selected this option — a figure double that for the next most popular choice, data and analytics.
"Acquiring cloud skills quickly is essential for IT professionals to be able to reimagine and remake their firm's IT infrastructure to better enable digital business strategies," added Hagerty. "However, it's not only cloud — there's a whole collection of technology- and effectiveness-related skills that IT professionals must plan for now."
The survey asked the IT professionals to identify up to three skills gaps that their organizations were trying to fill in relation to information, technology or digital business. Cloud and data and analytics led the list. The respondents also pointed to gaps in general technical skills (indicating a lack of broad technology knowledge), as well as in the fields of security, legacy modernization, mobility and the Internet of Things.
"But it's not just about technology, as three of the top 10 responses were professional effectiveness skills, namely critical thinking/problem solving, business acumen/knowledge and communication skills," concluded Hagerty.