In the rapidly emerging digital-transformation-business phenomenon that is impacting all aspects of our lives, data is the fuel, and the application the engine that allows us to fold, spindle and mutilate that data. This makes DevOps — or the latest revision, DevSecOps — the preferred alternative for rapidly creating and revising the all-mighty app, but while the practice is catching on, like DT implementation, success is far from guaranteed, according to a new survey from CA Technologies (a lesson it should be considering as it awaits the pending acquisition by semiconductor vendor Broadcom; valued at $18.9 billion, the deal is expected to close this quarter.).
“Software sits at the heart of most digital transformation projects and businesses are finding it impossible to continue to employ monolithic, legacy applications and remain competitive in the marketplace,” said Alexander Michael, director of Consulting at Frost & Sullivan, the survey’s author, in a prepared statement. The survey of 1087 IT and business executives found that ‘companies that embrace modern application architectures – such as APIs, microservices and containers – in concert with modern development best practices like DevOps, DevSecOps and Agile are better able to continuously and quickly adapt and adjust software applications to changing market trends and customer needs.’
Business executives say that three out of the four top challenges faced by their organizations are directly related to digital initiatives, and 84% say modernizing the way software and apps are developed and delivered is very important or crucial to the future success of their organization, found CA. Respondents that were further along in their adoption of modern application architectures and development practices saw impressive benefits, including:
-8x more likely to declare that applications are very good at supporting the achievement of KPIs than those who were relatively low in their adoption of modern application architectures;
-7x more likely to say their apps are completely integrated when it comes to functionality, data sharing, authentication and security;
-6x more likely to say their apps are significantly better at delivering business insights than their competitors; and,
-experienced 2x higher profit growth.
So DevOps is (an essential part of) the right solution, but as with most things in life, the devil is in the details, and there are a lot of details. Areas of concern included:
-56% claimed that software issues can negatively affect the achievement of KPIs;
-69% said the pressure to release new applications or updates negatively affects quality and security;
-67% felt that their organization sometimes trades off security for speed; and,
-90% of those who claimed to widely utilize modern application architectures stated that it’s challenging to manage and monitor APIs, microservices and containers, and that APIs and microservices are adding new risks to organizations.
In many instances, it appears that the business side (Lines of Business/LOBs) is driving the DevOps train, creating the very silos that DevOps was supposed to eliminate, and with potential complications for data security, data integrity, data duplication, information silos, compatibility and costs. Not so, said Ashok Reddy, Group General Manager of DevOps, CA Technologies, in an email exchange with IT Trends & Analysis.
“LOBs are doing their own development, but they are partnering with the IT department in many instances to mitigate some of the risks mentioned above,” he stated. Citing a key insight from the report, “The lack of competition between large organizations’ IT departments and the functional groups they support suggests that shadow IT is a thing of the past and that chief information officers are assuming a strategic role of seeking harmony.
“The survey found that two-thirds of large organizations plan to increase their software acquisition and development budgets. These increases are higher than the IT budget growth in general and reflect that application development no longer has to compete for a share of a central IT budget. Business executives can fund their own priority initiatives.”
Business executive respondents outnumbered IT by more than two to one, 768 versus 319. The major difference in their responses was “how IT and business executives perceived security to be the key challenge in their day-to-day operations.” While IT was most concerned, the finance, legal and risk group wasn’t far behind, with product and customer experience the least-concerned group, just ahead of customer service and support.
The report conveys the need for business execs to focus more on security, as many respondents feel their organizations trade security for speed, he said. “That is why eight out 10 respondents view continuous security testing and DevSecOps as integral parts of sustaining a healthy architecture.”
Reddy said this year’s survey was the first to focus primarily on LOBs, and the only surprise was “the extent to which modern application architectures and modern development practices impact business outcomes, as evidenced by the responses to the survey. That said, because every company is essentially a software company, it was interesting to see the shift in thinking among LOB leaders and their growing interest in the software development process to the point where LOB leaders are allocating budget and resources to it. We view this as a positive change towards breaking down the silos within organizations to positively impact the business.”
DevOps darling Puppet, the creator of software automation solutions, published its own DevOps survey a month earlier — its seventh annual State of DevOps Report — reporting that the market is thriving and it’s (mainly) about the people, not the technology. The two driving hypotheses — that most successful DevOps transformations follow a specific pattern: Starting with grassroots efforts, early successes and proven practices are shared with other teams. Next, the successful patterns are shared with multiple teams throughout a department, and finally, are spread to other departments — found this pattern to be true.
Using third parties is also an area of concern, accorind to another recent survey. Outsourcing IT and software delivery functions can be problematic, according to a recent survey from the DevOps Research and Assessment (DORA). “[Functional outsourcing has] been a common barrier to the adoption of DevOps,” says Jez Humble, CTO and founder of DORA.
According to the report, “(L)ow-performing teams are 3.9 times more likely to use functional outsourcing (overall) than elite performance teams, and 3.2 times more likely to use outsourcing of any of the following functions: application development, IT operations work, or testing and QA.” This suggests that outsourcing by function is rarely adopted by elite performers, concluded DORA.
Regardless of the challenges, the DevOps market projections are very positive:
-the worldwide DevOps software market achieved a level of $3.9 billion in 2017 and will reach $8 billion in 2022 (IDC); and,
–the global DevOps market size is expected to reach $12.85 billion by 2025, an 18.60% CAGR (Grand View Research).
DevOps, like DT, is growing quickly, unlike CA, and it doesn’t look like the future will be any brighter under Broadcom. “Legacy software assets are highly tangential to Broadcom’s core data-center and smartphone chip businesses. Integration here would likely be harder and customer bases have little overlap,” noted Bloomberg Intelligence analyst Anand Srinivasan. Intel has shown repeatedly that venturing into non-adjacent markets is very difficult, and when you add in the fact that more than half of mergers fail, it’s difficult to see why this merger should succeed.
The CA purchase lacks strategic rationale and seems more like “financial engineering” and a private equity play, said Evercore ISI analyst C.J. Muse. “We note that CA Technologies had been in the process of selling itself and had failed to attract a private equity buyer,” Muse said. “With software mainframe revenues in decline and no clear synergies to Broadcom’s current revenue streams, we struggle to understand Broadcom’s incentive here.”
The Fiddly Bits (& Bytes)
CA made a number of announcements to help companies forge a path towards modern application architectures, including:
-new Full Lifecycle API Management solution enhancements;
-enhancements to CA’s end-to-end Continuous Testing portfolio, i.e. new Jenkins® plugin for CA Service Virtualization, Integrated Data Masking Workflows for CA Test Data Manager, and CA Agile Requirements Designer’s Requirements Insights capability; and,
-new CA Project & Portfolio Management (CA PPM).
DISCLAIMER: I am a CA shareholder (but apparently not for much longer).
R-Cubed (Recent Related Reportage)
HPE Targets One of DT’s Biggest Pain Points
…Linking Development and Security…
CA’s BTCS2.1: Where Do We GrOw From Here?
CA’s BTCS2.0: Change Is The New Normal
DTW18 & Connecting The DoTs (Part 2 of 3)