Yes, Virginia, these are uncertain times.
It might help to start this blog with a fact: In every downturn, there are winners.And there are losers. Several studies have consistent findings that~10% of companies not only survive downturns but also expand their businesses.
How? Yes, that famous word from the last major economic crisis – pivoting.
But pivoting today has come a long way since 2008-10. Today we have DevSecOps.
What is DevSecOps? To answer that we start with DevOps which is the automation of processes that were previously performed manually by people and were time intensive. For those familiar with project management approaches, DevOps is an evolution of Agile principles.
DevSecOps combines the continuous integration / continuous deployment (CI/CD) principles of DevOps and Agile with security practices considered earlier in the software product development lifecycle. An example would be a code scanning tool integrated into an automated DevOps process which scans newly committed code. Because this is DevOps, DevSecOpsis executed with speed and for scale.
“But, Theron, I still don’t understand what you’re going on about.”
Let’s talk numbers:
- DevOps reduces release cycles by orders of magnitude. Amazon implemented it at scale and deploys new code 5,000 times daily. Yes, every day! 1.8 million times a year!
- Combining it with cybersecurity only makes sense. 52% of companies were hacked in 2018 with hackers attacking every 39 secondson average.
- In 2018 alone, firms reported over 2 million cybersecurity incidents resulting in more than $45 billion in losses.
For another example from the real world, look to the Private Equity sector. Broadly speaking, PE firms look for value in acquired companies to realize in additional earnings. One way they achieve accelerated earnings is by taking product launches and transformation strategies to warp speed.
While taboo to speak to the prowess of competitor firms, Bain & Co is a top 3 strategy consulting firm with 25% of its revenues sourced from PE companies.
What is Bain & Corecommending PE clients invest infor value and transforming software acquisitions? DevOps and Cybersecurity. In short, DevSecOps. “The explosive pace of innovation in today’s markets has dictated a new paradigm. Known as DevOps, it makes companies faster, smarter and much more flexible, allowing them to work effectively within modern IT architectures like the cloud, containers and microservices. DevOps uses many small, multifunctional teams that each own a smaller app or service.”
 HBR, “How to Survive a Recession and Thrive Afterward,” May-June 2019.
Bain & Co. further surveyed 87 companies on their DevOps usage in 2018 and five years into the future. The result of that research indicated “only 10% are using DevOps for a majority of their applications. Over the next five years, however, 50% of companies expect to be using DevOps at scale, which means big changes for the tech ecosystem.”
With the increased investment in the space, case studies abound. Bain & Co. shows how rival Thoma
Bravo leveraged DevOps to drive earnings multiples from its 2014 purchase of Compuware for $2.4 billion. Thoma Bravo’s focus throughout the acquisition was surprisingly on a recent Compuware acquisition, Dynatrace, that had fallen on hard times. Thoma Bravo spun off the company and instituted DevOps principles to transform the product portfolio to meet white space demand, the revenue model into subscriptions and ultimately the go-to-market strategy.
The result? 5x customers and 90% of revenues from subscriptions. Oh, and a $5.5 billion valuation for Dynatrace when it went public March 2019.
Some of you may have stopped reading when there were references to software and app development. A key takeaway here though is how DevOps can be leveraged for overall transformations. Layering in Cybersecurity best practices only makes sense given the ever-pressing threats to customer data and business infrastructure. This is not just about development, in other words.
Bain & Co. is more assertive. “What’s clear is that DevOps is here to stay, and companies across the economic spectrum will need to get on board if they want to remain competitive.”
And for the record, here at ImagineX, we agree with Bain & Co. We’ve leveraged DevOps to optimize developer workflow tools toward CI/CD, testing and IT operations management – all with successful impact on the client organizations.
Looking into our crystal ball for the post-COVID world, we believe DevOps and DevSecOps will be even more critical to helping our clients adapt. So, please reach out if you would like to learn more about DevOps, Cybersecurity and/or DevSecOps and how these approaches can transform your business and adapt to your changing landscape.