X
101908

Responsiveness, cloud and security fuel DevOps in age of COVID-19

May 5 2021
by Jay Lyman


Introduction


While the benefits of DevOps around speed, efficiency and flexibility to respond to changes in the market have been driving the trend, our DevOps, Organizational Dynamics analysis indicates that COVID-19 has also been a driver of adoption. Almost one-third of organizations indicate an acceleration of DevOps initiatives as a result of the pandemic.

Our study also highlights how tightly DevOps is intertwined with cloud computing – 49% of respondents cite shifting to cloud and reducing infrastructure as their top priority when DevOps efforts are refined, improved and expanded. Our latest survey continues to chart growth in the number of DevOps releases that include security elements, but we also uncovered some persisting silos among DevOps and security teams.

The 451 Take

We are not surprised to see DevOps driven by the COVID-19 pandemic, given its importance to digital transformation. We had already seen the growing prominence of readiness and the ability to respond to changes in the market as a top advantage of DevOps, alongside speed and efficiency, before the virus. As organizations dealt with the major disruption, the key tenets of DevOps – faster software releases, IT operations efficiency, and effective use of cloud infrastructure and services – became even more critical to survival and success in a changing market. Our research also indicates the same positive net effect from COVID-19 for cloud-native technology, such as containers, Kubernetes and serverless, which have emerged (with public clouds) as the most critical tools and platforms for enterprise DevOps teams. While the DevSecOps trend continues to grow, and was also driven by the pandemic, our study indicates that there are still silos among DevOps and security teams, with nearly one-third of them working on DevSecOps requirements independently. This highlights how both technical and cultural hurdles can mean that silos persist – something enterprises need to keep in mind as they seek to expand the number of applications and teams that are focused on DevOps.

Readiness, COVID-19 drive DevOps


In keeping with one of the most disruptive years the market has ever seen, flexibility to respond to changes was the top benefit of DevOps in our DevOps, Organizational Dynamics 2020 survey. While faster software releases and efficiency were among the biggest advantages, we have seen a growing priority placed on readiness as more organizations realize the value of being able to respond to changes in the market, whether it is new technology such as cloud native, security vulnerabilities and breaches, or a global pandemic.

This is also reflected in the desired outcomes of DevOps for organizations, which ranked organizational agility/flexibility (46%) and improving the quality of user experience (46%) ahead of speeding up time to market for new services and improvements (42%).

Our research also shows that the COVID-19 pandemic has been a driver of DevOps, with more organizations accelerating or initiating DevOps initiatives compared with those reporting delays or cancellations (Figure 1).

We believe the growth of DevOps amid the pandemic points out how critical digital transformation is to thrive and compete in today's market. This means faster software releases, more efficient IT management, and effectively leveraging cloud computing and cloud-native technology. The pandemic has also shown how putting off digital transformation and DevOps initiatives can leave organizations at a significant disadvantage compared with peers that have already begun the journey.

In terms of measuring and proving the value of DevOps – typically so they can make the case to expand DevOps practices and technology to more applications and teams – organizations are looking at both technical metrics and business metrics.

Organizations are using technical indicators such as quality and application performance, as well as business-level metrics such as customer satisfaction, to measure their DevOps success and prove its value to the company. We see a growing number of organizations considering DevOps not in terms of total cost of ownership, but increasingly by return on investment and by business metrics.

Cloud is the top long-term priority


In addition to speed and efficiency, DevOps has always been about effectively leveraging cloud computing infrastructure and services. Our survey highlights shifting to cloud as a priority as organizations refine, improve and expand their DevOps initiatives (Figure 3).

Public cloud providers, which have more aggressively addressed the enterprise DevOps market in the last few years, are also among the most important tools for DevOps in our survey at 28%, right alongside DevOps staples infrastructure automation (29%) and process automation (28%).

The focus and reliance on cloud for DevOps is also apparent when we consider the top DevOps environments today and in two years. While on-premises, non-cloud infrastructure is the primary DevOps environment today (26%), it drops to the bottom environment in two years (8%). At the same time, SaaS, IaaS and PaaS are all growing as primary environments for DevOps in two years.

DevSecOps continues to evolve, but silos persist


We are seeing an increase in the number of DevOps releases that include security elements, with two-thirds (64%) of organizations indicating that half or more of their DevOps releases include security elements, up from 52% in 2019. Teams are increasingly addressing security, with the inclusion of API security, software composition analysis, vulnerability assessment and other security tools in DevOps releases. We expect the trend to continue to grow, particularly as developers tie software quality to security, tools are integrated and automated so they don't slow developers, and high-profile issues and breaches force enterprises to take steps to reduce risk.

While a good number of organizations indicate that their DevOps and security teams collaborate on DevSecOps requirements (43%), nearly one-third (29%) say these teams work independently on those requirements (Figure 4). This highlights how, even as DevOps deployments mature and spread throughout an organization, silos can persist.

Although DevOps is now broadly adopted across verticals in the enterprise, we are reminded that it does interface with existing software development and deployment approaches. Central IT administrators are listed as the top additional stakeholder for DevOps beyond developers and IT operations.

Our study also shows more top-down adoption of DevOps, which over more than 10 years in the enterprise has evolved beyond the grassroots, developer movement that it was at its inception. Today we see management and leadership ranked as the top additional stakeholders for DevOps beyond developers and IT operations. In addition to security, data science and analytics teams, as well as database administrators, have also consistently been among the top stakeholders, reflective of the importance of collecting and leveraging both internal data from applications and infrastructure and external data such as customer experience and satisfaction input.