• Home
  • Press Releases
  • 84% of Security and Development Professionals Believe ‘Security Champions’ Programs Can Improve Relationship Between Security and DevOps Teams

84% of Security and Development Professionals Believe ‘Security Champions’ Programs Can Improve Relationship Between Security and DevOps Teams

Publish Date

Oct 21, 2020

New Survey Highlights Current State of Security Champions Programs, Value They Provide to Organizations During Digital Transformation

Boston, MA – October 21, 2020 – At OWASP Global AppSec Virtual, ZeroNorth, the only company to unite security, DevOps and the business for the good of software, announced today the results of a new survey report examining the state of ‘Security Champions’ programs. According to the survey, 84% of security and development professionals believe that Security Champions efforts can both bolster application security (AppSec) and improve relationships between Security and DevOps teams.

As organizations embrace DevOps and accelerate software delivery, the notion of centralized control is fading away as DevOps teams are gaining increasing AppSec responsibilities. A recent Ponemon Institute Research report revealed the challenges these shifts are creating, indicating that 71% of AppSec professionals believe security is undermined by developers who don’t include proper security functionality early in the software development life cycle (SDLC).

In an effort to better prepare DevOps teams for their AppSec remit, Security Champions programs are being implemented by organizations looking to create a culture of security across the development process. The report, conducted by ZeroNorth, surveyed security and development professionals to learn about the state of Security Champions programs at their individual organizations.

The survey found that while the notion of a Security Champions program is not a new one, 67% of these programs have existed for less than two years, with almost 40% being in place less than one year. For organizations that have implemented a Security Champions Program, 78% of respondents said the program has strengthened security skills and knowledge of developers, and 77% said it improved the company’s overall AppSec posture.

“The challenge of securing applications against increasingly sophisticated attacks is larger than any single organization,” said ZeroNorth CEO, John Worrall. “The most successful approaches to creating a culture focused on security begin at the top, with  CISOs and security leaders working to bridge internal divides and demonstrate that the security of applications is everyone’s responsibility.”

Among the key findings of the survey:

  • Security champions have the power to improve AppSec, with 84% of respondents agreeing or strongly agreeing.
  • Passion for security gives strength to a Security Champion, with 50% of respondents naming it the characteristic for a successful Security Champion.
  • Security Champions are a unifying force with 56% of respondents saying Corporate Security leadership was a top requirement for the success of Security Champion and 47% saying Engineering leadership support.
  • Corporate Security teams are vital to the success of security champions programs, with 57% of respondents saying they should play a role in defining security priorities and 47% saying they should be involved in training best practices.

Download a copy of the Security Champions: Empowering Heroes to Unite Security & DevOps report here.

About ZeroNorth
ZeroNorth brings security, DevOps and the business together to improve application security performance and reduce organizational risk. The company’s application security automation and orchestration platform unites enterprises to rapidly identify, prioritize and remove the vulnerabilities standing in the way of software excellence. In an age where the security of applications needs to be everyone’s responsibility, ZeroNorth is where organizations come together for the good of software. Learn more at www.zeronorth.io

eBooks & Research Reports

How DevSecOps Analytics Solve the Biggest Hurdles of AppSec

When it comes to building out a robust AppSec program, and embarking on the journey toward DevSecOps, there is a lot to remember and just as ...

Read Now


Ramp Up Your AppSec Program with ZeroNorth DevSecOps Quick Start

Learn how ZeroNorth DevSecOps Quick Start is ideal for engineering and security teams who need a quick, easy and cost-effective way to jumpstart their AppSec program.

Read Now

Related Press Releases

ZeroNorth Delivers New Capabilities to Rapidly Identify, Prioritize and Remove Vulnerabilities Standing in the Way of Software Excellence

By ZeroNorth Oct 8, 2020

New enhancements empower organizations to maintain enterprise standards for application security while accelerating software delivery, without disrupting DevOps processes Boston, October 8, 2020 –– ZeroNorth, the ...

Read More

The ZeroNorth DevSecOps platform offers options for your DevSecOps journey—getting started with AppSec, finding enterprise visibility or fully integrating security into DevOps.