An approach that builds cybersecurity into software and platforms can create stronger security, reducing vulnerabilities and risks. But implementation often comes with challenges.
Focusing on a software product’s speed to market, performance, and security, Ankit Gupta suggests embracing “integrated KPIs” for organizations, fostering shared accountability across product teams, DevSecOps teams, and stakeholders. “Developers don’t have KPIs around security, because it isn’t their main responsibility. But if you’re not incentivized as a developer to spend more time on security, it will limit the willingness to spend time on security,” says Ankit Gupta, Practice Director with Everest Group.