Business
GitLab Survey Reveals Tension Around AI, Security, and Developer Productivity within Organizations
CxOs and staff are not aligned on the topics of AI, risk, and trainingEfforts to fix security vulnerabilities are hindered by organizational red
About this update from Gitlab Inc.
[{"type":"text","content":"CxOs and staff are not aligned on the topics of AI, risk, and trainingEfforts to fix security vulnerabilities are hindered by organizational red tapeLeadership understands the importance of developer productivity for organizational success but isn’t measuring it against business outcomesWhile most companies are shipping software twice as fast as last year, toolchain sprawl is hindering velocity SAN FRANCISCO, June 25, 2024 (GLOBE NEWSWIRE) -- ALL REMOTE -- GitLab Inc., the most comprehensive AI-powered DevSecOps platform, today released its 8th annual Global DevSecOps Report on the current state of software development. In April 2024, GitLab surveyed over 5,300 CxOs, IT leaders, developers, and security and operations professionals worldwide on their successes, challenges, and main priorities for implementing DevSecOps. The report underscores the mixed sentiments surrounding security, developer productivity, and AI's role as a catalyst and a potential risk. It also reveals differing priorities and concerns between CxOs and individual contributors. Global CxOs (69%) say they are shipping software at least twice as fast as a year ago, highlighting that acceleration is underway. However, only 26% of respondents report implementing AI. Other key themes include: Perceptions of AI risk, training, and skills vary between executives and staff 56% of CxOs said introducing AI into the software development lifecycle is risky, while only 40% of individual contributors cited concerns about privacy and data security as a top obstacle to using AI in the software development lifecycle.35% of CxOs identified the lack of an appropriate skill set to employ AI or interpret AI output as an obstacle to using AI, but only 26% of individual contributors agreed.25% of individual contributors said their organizations don’t provide adequate training and resources for using AI; however, only 15% of CxOs felt the same way. Software supply chain security is a potential weak spot 67% of individual contributors said a quarter or more of the code they work on is from open source libraries — but only 21% of organizations are currently using a software bill of materials (SBOM) to document the composition of their software.52% of security professionals said organizational red tape often slows their efforts to fix vulnerabilities quickly.55% of security professiona...