Businesses can be exposed to vulnerabilities when professionals prioritize a deadline over security, according to research from Threat Stack.
More than half of companies admit to loosening security measures to expedite projects or meet deadlines, a new Threat Stack report found.
In a survey of over 200 executives, 52% said their company had prioritized a deadline or objective over the firm’s security. The emphasis on speed over security could leave holes in a project, leaving a company vulnerable.
The focus on speed comes from pushback on both sides of a project, the report found. Over two-thirds—68%—of respondents said their CEO asks the DevOps and security teams to not do anything that would slow a project, while 62% said their operations team sometimes fights new security efforts.
he majority of respondents said SecOps is important for their organization, but only 35% said it was a complete or mostly complete project at their company. At 18% of companies, SecOps isn’t established at all, the report found.
“The vast majority of companies are bought-in, but, unfortunately, a major gap exists between intent of practicing SecOps and the reality of their fast-growing businesses. It’s important that stakeholders across every enterprise prioritize the alignment of DevOps and security,” Brian Ahern, Threat Stack CEO, said in the press release.
Most of the challenges come from organizational alignment, the report found, as DevOps and security teams might be operating in different silos.
The discrepancy suggests companies should agree and focus on security to ensure their company remains safe, even under pressure from a deadline or the competition.