Skip to main content

Your workplace security policies could be shutting down innovation

(Image credit: Image Credit: TeroVesalainen / Pixabay)

Cybersecurity in the workplace is paramount, but it often comes at the expense of innovation. This is according to a new report from enterprise software provider VMware, which states that security policies are getting in the way of innovation for more than half of developers (52 percent).

Polling 1,475 IT and security leaders for the report, VMware also found that there is a lot of confusion about policies, as less than a quarter (22 percent) of developers understand which ones they are expected to comply with. Furthermore, 27 percent aren’t involved in security policy decisions, even though these shape their roles to a great extent.

Businesses whose security and development teams have strong relationships are capable of speeding up the software development lifecycle by five days, compared to those with poor relationships, VMware claims.

The benefits of tight teamwork between the two departments is a well-known fact among senior leadership, as the majority (73 percent) are focused on strengthening these relationships, albeit with varying degrees of success.

A third (34 percent) of the respondents said the teams aren’t collaborating or making an effort to improve their relationships. Among the biggest roadblocks to that goal are poor communications, competing priorities, and a lack of role definition for development teams. 

“Our research shows that security needs a perception shift,” said Rick McElroy, Principal Cybersecurity Strategist at VMware. “Rather than be seen as the team that only swoops in to fix breaches and leaks, or who ‘gets in the way’ of innovation, security should be embedded across people, processes, and technologies."

"Security needs to be a team sport that works alongside IT and developers to ensure protection across clouds, apps and all digital infrastructure. We have to develop a culture where all teams have shared interests and common goals or metrics, and where they speak one language."

It seems as if businesses are headed in the right direction; the majority of respondents (53 percent) expect security and development teams to be unified within three years.

Sead Fadilpašić

Sead is a freelance journalist with more than 15 years of experience in writing various types of content, from blogs, whitepapers, and reviews to ebooks, and many more, across sites including Al Jazeera Balkans, TechRadar Pro, IT Pro Portal, and CryptoNews.