This year-end summary highlights four primary research studies Security Compass commissioned in 2021 on topics in Cybersecurity, covering DevSecOps, Cloud Adoption, Threat Modeling, and the US DoD. The research was conducted independently by Golfdale Consulting, Inc.
The report quantifies the challenges and opportunities being confronted by US government agencies at the federal, state and local levels. Software development methods, security expertise, developer controls and mitigations, communication approaches, and current approaches to ATO compliant software development are explored.
Public trust and confidence in data and privacy rights is not just good for consumers but it is also good for businesses. Governments that adopt a “privacy is a human right” lens to their privacy reforms will not only empower their citizens but will also propel their businesses to be more competitive in the digital age. Doing so in a coordinated manner across jurisdictions will help with speedy uptake of new requirements and compliance, while avoiding consumer confusion.
In Part 1 of this blog series, we explored the consumer consent lessons that can be learned from sectors that have long grappled with consent. Our “hypothesis” is a simple one: specific industries that existed well in advance of the hyper digitalized world we live in today are well-practiced at working through consent issues. In Part 2 we analyzed the connections between cookie consent, brand trust, and revenue. In Part 3, we further explore and provide examples of informed consent.
In Part 1 of our Cookie Consent and Privacy blog series, we explored the industries with a history of consent and the lessons learned from their implementation. We proposed the hypothesis: specific industries that existed well in advance of the hyper digitalized world we live in today are well-practiced at working through consent issues. We hope you enjoy Part 2 of this series, where we analyze the connections between cookie consent, brand trust, and revenue. In Part 3, we further explore and provide examples of informed consent.
There is a rising trend toward the adoption of DevSecOps over the last year. When asked about the biggest driver of DevSecOps adoption, we found a high degree of unanimity for improving security, quality, and resilience as their top priority. Bringing technology to market faster was the second most important driver, reducing organizational silos third, with cost reduction the least important. This report reveals how perceptions toward security and compliance evolve as organizations reach maturity in their DevSecOps programs.