Veracode exposes DevOps skills gap
70% of developers don't have DevSecOps skills needed to address the growing threat of ransomware
Developers are lacking the skills needed to operate in a DevOps environment according to research by Veracode, with security-related talents the most absent.
Although 65% of DevOps professionals think it's very important to know the basics of DevOps when taking on an IT-related role, 70% say they are not receiving the level of training needed for security-centric DevOps environments (DevSecOps).
However, recent issues related to ransomware such as WannaCry have exposed the need for more Devops professionals that are able to quickly develop solutions for such vulnerabilities and security risks.
"WannaCry and Petya are just two recent examples of large-scale cyberattacks that further demonstrate the importance of security in today's exceedingly digital world," said Veracode's VP of Engineering, Maria Loughlin.
"Despite this apparent need, security practices and secure software development isn't required to earn a degree in IT or computer science."
What's also concerning is that Veracode's research revealed 30% of businesses don't have the skills needed to develop the software and services needed to deliver applications at speed and 40% of managers interviewed by the security firm don't have sufficient knowledge about security testing.
This is despite the majority of surveyed DevOps professionals having a bachelor or master's degree (80%) and half holding a degree in computer science.
"Our research with DevOps.com highlights the fact that there are no clear shortcuts to address the skills gap," Loughlin said.
"Higher education and enterprises need to have a more mature expectation around what colleges should teach and where organisations need to supplement education given the ever-changing nature of programming languages and frameworks. The industry will have to come together to ensure the safety of the application economy."