DevSecOps is the principle that all technology teams have accountability for cybersecurity in an organization—ownership is not solely at the door of the security professionals and teams. The idea that cybersecurity is everyone’s job has come about partly because cybersecurity skills are constrained—within the market as a whole and within an organization specifically. A recent report from (ISC)2 claims there is a global cybersecurity staffing shortage of three million and that this is increasing. This is certainly my own experience with the organizations I work with in Europe and the Middle East.
This constraint manifests itself through: