Conventional wisdom holds that when it comes to any IT advancement, technology companies lead the way followed by the financial service sector. However, Puppet has made available an industry scorecard based on the company’s 8th annual “State of DevOps” survey that suggests that when it comes to DevOps adoption, it’s the retail sector that is now the most advanced.
The survey finds 28% of respondents working in the retail sector said they are deploying on-demand, while 57% said they can deploy on-demand. That compares to 26% doing so in the technology sector and 49% that are capable. In contrast, only 17% of the respondents working in the financial services/insurance sector said they are deploying on-demand, versus 42% who said they are capable.
The retail sector is also able to resolve critical vulnerabilities the fastest, with 53% reporting they can remediate a vulnerability in less than one day. However, the retail sector also ranks dead last in terms of reported “significant” or “full” security integration (32%).
Alanna Brown, director of product marketing at Puppet, said the retail sector is embracing DevOps more aggressively largely because of the increased focus on digital transformation. Companies are differentiating themselves more by the quality of the application experience, she said.
It’s also fair to note that application environments in the financial/life insurance sector tend to be more complex, she noted.
Of course, DevOps expertise of any one organization in an industry sector is likely to vary widely. However, the Puppet survey makes it clear that the adoption of DevOps is becoming broader.
In fact, in terms of year-over-year growth, the survey finds the media/telecommunications sector has made the second most progress after retail. The percentage of highly evolved telecom organizations increased by nine points from 8% to 17%. The number of organizations that scored in the low category dropped to 5% from 13%. A large proportion of telecom organizations are embedding a designated security expert in teams while maintaining a centralized security function (41%). However, in terms of DevOps adoption, only 16% said they do deploy on-demand, while 31% said they can. At that rate, that’s even slower than government agencies. A fifth of government agencies (20%) said they deploy on-demand, while 41% said they can. However, only 3% said they are able to remediate vulnerabilities in less than one hour and 24% are able to remediate in less than one day.
Brown noted that while there is still a lot of room for improvement across all vertical industry sectors, when it comes to DevSecOps there is a definite shift to the left occurring. Many development teams are now designating a cybersecurity expert that advises the rest of the team on security issues versus waiting to engage with a cybersecurity expert from within the central IT organization who has little to no programming expertise.
It may still be a while before DevOps is adopted pervasively across all vertical industry sectors. In the meantime, however, it’s clear that DevOps progress is finally starting to accelerate.