Urgency Grows for Observability and Security Convergence

Learn more about Dynatrace

Organizations find increasing difficulty in maintaining software reliability and security as the demand for continuous release cycles and the rising complexity of cloud-native environments create more risk for undetected defects and vulnerabilities to escape into production, according to the 2023 Global CIO Report, Observability and Security Convergence: Enabling Faster, More Secure Innovation in the Cloud, from Dynatrace.

CIOs and senior DevOps managers are looking to DevSecOps processes, the convergence of observability and security, and the increased use of AI and automation to balance accelerated innovation with reliability and security.

The research reveals the following:

■ 90% of organizations say digital transformation has accelerated in the past 12 months.

■ 78% of organizations deploy software updates into production every 12 hours or less, and 54% say they do so at least once every two hours.

■ DevOps teams spend nearly a third (31%) of their time on manual tasks involving detecting code quality issues and vulnerabilities, reducing the time spent on innovation.

■ 55% of organizations make tradeoffs between quality, security, and user experience to meet the need for rapid transformation.

■ 88% of CIOs say the convergence of observability and security practices will be critical to building a DevSecOps culture, and 90% say increasing the use of AIOps will be key to scaling up these practices.

"It's difficult for teams to accelerate the pace of innovation while also maintaining the highest quality and security standards," said Bernd Greifeneder, Founder and CTO at Dynatrace. "More frequent software deployments, combined with complex cloud-native architectures, make it easier for errors and vulnerabilities to escape into production where they impact customer experience and create risk. There simply aren't enough hours in the day for teams to test code as thoroughly as when they had only a single monthly deployment, but there's no margin for error in today's ultra-competitive, always-on economy. Something has to change."


Additional findings from the survey include:

■ Organizations plan to increase their spending on automation across development, security, and operations by 35% by 2024, as they invest more in continuously testing software quality (54%) and security (49%) in production, automatic vulnerability detection and blocking (41%), and automating release validation (35%).

■ 70% of CIOs say they need to improve their trust in the accuracy of AI's decisions before they can automate more of the CI/CD pipeline.

■ 94% of CIOs say extending a DevSecOps culture to more teams is key to accelerating digital transformation and driving faster, more secure software releases.

"Organizations know that manual approaches aren't scalable," continued Greifeneder. "Teams can't afford to waste time and effort chasing false positives, searching for vulnerabilities whenever a new threat alert appears, or conducting forensics to understand whether data has been compromised. They need to work together to drive faster, more secure innovation. Automation and modern delivery practices such as DevSecOps are key to this, but teams need to trust that their AI is reaching the right conclusions about the impact of a particular vulnerability. To accomplish this, organizations require a unified platform that can converge observability and security data to eliminate the silos between teams. By bringing their data together and retaining its context, DevOps and security teams can unlock the insights they need through causal AI. This enables them to harness intelligent automation to rapidly deliver high-performing and secure applications that delight their users."

Methdology: The report is based on a global survey of 1,300 CIOs and senior IT practitioners involved in DevOps management in large organizations with more than 1,000 employees, conducted by Coleman Parkes and commissioned by Dynatrace. The sample included 200 respondents in the US, 100 in Latin America, 600 in Europe, 150 in the Middle East, and 250 in Asia Pacific.

Related Links

Hot Topics

The Latest

Keys to Building a Partner Ecosystem That Scales

I've spent a lot of time in the channel, and one thing I keep coming back to is this: a partner program is only as good as what it looks like in the field. Many programs look great on paper, but when a partner is in front of a customer navigating a complex hybrid environment or trying to make the case for AI-powered observability, the gap between what a vendor promises and what it actually delivers becomes very clear, very fast ...

How AI Agents Are Reshaping DataOps for the Always-On Enterprise

Enterprises today operate in a real-time environment where uninterrupted access to trusted data has become a baseline expectation for users, applications and automated systems. Traditional DataOps models, built on manual effort and human triage, cannot keep pace with this always active demand. AI agents are emerging as the operational backbone, ensuring consistent data availability, reinforcing trustworthiness and enabling a level of scale that manual processes cannot achieve ...

AI Deepfakes: Rethinking Trust in the Workplace

For decades, trust in the digital workplace rested on familiar signals. We trusted faces on video calls, voices on the phone, and emails that appeared to come from people we knew. These cues felt human and intuitive. They anchored how decisions were made, approvals were granted, and access was authorized. AI-powered deepfakes have quietly broken that model ...

Nine in Ten Enterprises Plan Cloud Data Repatriation amid Rising Cloud Costs and Data Sovereignty Mandates

Cloud migration was supposed to be a one-way door. For most enterprises, it turns out it isn't. Cloud data repatriation is a real and growing trend. A new survey ... finds that 89% of organizations plan to expand their on-premises infrastructure footprint over the next two years — and 75% have already moved at least some workloads back from public cloud in the past 24 months. The findings point to a broad rethinking of where data belongs ...

Why ITOps Need Right-Sized AI, Not Bigger Models

Over the past few years, large language models (LLMs) have revolutionized the software industry. Given their ability to excel at multi-step reasoning, LLMs have helped enterprises streamline workflows and adapt to the unknown. However, employing such models comes with sky-high costs, latency issues, and limited flexibility. In the realm of IT operations, it is generally wiser to employ smaller, domain-specific models instead ...

The End of Reactive DevOps: AI-Driven Observability for Zero-Defect Digital Systems

For years, DevOps teams operated under a simple assumption: collect enough telemetry, and you can find and fix any problem. That assumption is breaking down. Modern enterprises now operate across microservices, hybrid cloud environments, APIs, Kubernetes, and highly automated delivery pipelines. Releases happen continuously, dependencies shift constantly, and failures spread faster than teams can diagnose them ...

5 Takeaways from the Observability Forecast for Media and Entertainment

New Relic surveyed IT and engineering leaders from the media and entertainment (M&E) sector to understand what's working — and where challenges persist with their observability practices. The findings reveal how M&E organizations are navigating rising platform complexity, audience expectations, and AI-driven change. Below are five takeaways that stand out ...

Why Moving Off the Cloud Is the Easy Part and What Comes Next Is Where Things Get Hard

Let me start with something I've seen play out more times than I can count. A team hits a wall with the cloud. Costs creep up, then spike. Performance starts to feel inconsistent. Someone in finance asks a simple question like "why did this double?" and nobody has a clean answer ... Maybe this isn't the right place for everything. That realization feels like a breakthrough, like you've identified the problem. In reality, you've just identified the starting line ...

MEAN TIME TO INSIGHT Podcast - Episode 24: Network Observability Tool Sprawl

In MEAN TIME TO INSIGHT Episode 24, Shamus McGillicuddy, VP of Research, Network Infrastructure and Operations, at EMA discusses network observability tool sprawl ... 

Capacity Isn't a Guess: Observability-Driven Sizing for On-Prem Databases

In cloud-native systems, scaling is often as simple as moving a slider. For on-premise databases, the stakes are different. Over-provisioning hardware is expensive. Under-provisioning leads to performance bottlenecks that are difficult to fix once the equipment is in the rack ...

Urgency Grows for Observability and Security Convergence

Learn more about Dynatrace

Organizations find increasing difficulty in maintaining software reliability and security as the demand for continuous release cycles and the rising complexity of cloud-native environments create more risk for undetected defects and vulnerabilities to escape into production, according to the 2023 Global CIO Report, Observability and Security Convergence: Enabling Faster, More Secure Innovation in the Cloud, from Dynatrace.

CIOs and senior DevOps managers are looking to DevSecOps processes, the convergence of observability and security, and the increased use of AI and automation to balance accelerated innovation with reliability and security.

The research reveals the following:

■ 90% of organizations say digital transformation has accelerated in the past 12 months.

■ 78% of organizations deploy software updates into production every 12 hours or less, and 54% say they do so at least once every two hours.

■ DevOps teams spend nearly a third (31%) of their time on manual tasks involving detecting code quality issues and vulnerabilities, reducing the time spent on innovation.

■ 55% of organizations make tradeoffs between quality, security, and user experience to meet the need for rapid transformation.

■ 88% of CIOs say the convergence of observability and security practices will be critical to building a DevSecOps culture, and 90% say increasing the use of AIOps will be key to scaling up these practices.

"It's difficult for teams to accelerate the pace of innovation while also maintaining the highest quality and security standards," said Bernd Greifeneder, Founder and CTO at Dynatrace. "More frequent software deployments, combined with complex cloud-native architectures, make it easier for errors and vulnerabilities to escape into production where they impact customer experience and create risk. There simply aren't enough hours in the day for teams to test code as thoroughly as when they had only a single monthly deployment, but there's no margin for error in today's ultra-competitive, always-on economy. Something has to change."


Additional findings from the survey include:

■ Organizations plan to increase their spending on automation across development, security, and operations by 35% by 2024, as they invest more in continuously testing software quality (54%) and security (49%) in production, automatic vulnerability detection and blocking (41%), and automating release validation (35%).

■ 70% of CIOs say they need to improve their trust in the accuracy of AI's decisions before they can automate more of the CI/CD pipeline.

■ 94% of CIOs say extending a DevSecOps culture to more teams is key to accelerating digital transformation and driving faster, more secure software releases.

"Organizations know that manual approaches aren't scalable," continued Greifeneder. "Teams can't afford to waste time and effort chasing false positives, searching for vulnerabilities whenever a new threat alert appears, or conducting forensics to understand whether data has been compromised. They need to work together to drive faster, more secure innovation. Automation and modern delivery practices such as DevSecOps are key to this, but teams need to trust that their AI is reaching the right conclusions about the impact of a particular vulnerability. To accomplish this, organizations require a unified platform that can converge observability and security data to eliminate the silos between teams. By bringing their data together and retaining its context, DevOps and security teams can unlock the insights they need through causal AI. This enables them to harness intelligent automation to rapidly deliver high-performing and secure applications that delight their users."

Methdology: The report is based on a global survey of 1,300 CIOs and senior IT practitioners involved in DevOps management in large organizations with more than 1,000 employees, conducted by Coleman Parkes and commissioned by Dynatrace. The sample included 200 respondents in the US, 100 in Latin America, 600 in Europe, 150 in the Middle East, and 250 in Asia Pacific.

Related Links

Hot Topics

The Latest

Keys to Building a Partner Ecosystem That Scales

I've spent a lot of time in the channel, and one thing I keep coming back to is this: a partner program is only as good as what it looks like in the field. Many programs look great on paper, but when a partner is in front of a customer navigating a complex hybrid environment or trying to make the case for AI-powered observability, the gap between what a vendor promises and what it actually delivers becomes very clear, very fast ...

How AI Agents Are Reshaping DataOps for the Always-On Enterprise

Enterprises today operate in a real-time environment where uninterrupted access to trusted data has become a baseline expectation for users, applications and automated systems. Traditional DataOps models, built on manual effort and human triage, cannot keep pace with this always active demand. AI agents are emerging as the operational backbone, ensuring consistent data availability, reinforcing trustworthiness and enabling a level of scale that manual processes cannot achieve ...

AI Deepfakes: Rethinking Trust in the Workplace

For decades, trust in the digital workplace rested on familiar signals. We trusted faces on video calls, voices on the phone, and emails that appeared to come from people we knew. These cues felt human and intuitive. They anchored how decisions were made, approvals were granted, and access was authorized. AI-powered deepfakes have quietly broken that model ...

Nine in Ten Enterprises Plan Cloud Data Repatriation amid Rising Cloud Costs and Data Sovereignty Mandates

Cloud migration was supposed to be a one-way door. For most enterprises, it turns out it isn't. Cloud data repatriation is a real and growing trend. A new survey ... finds that 89% of organizations plan to expand their on-premises infrastructure footprint over the next two years — and 75% have already moved at least some workloads back from public cloud in the past 24 months. The findings point to a broad rethinking of where data belongs ...

Why ITOps Need Right-Sized AI, Not Bigger Models

Over the past few years, large language models (LLMs) have revolutionized the software industry. Given their ability to excel at multi-step reasoning, LLMs have helped enterprises streamline workflows and adapt to the unknown. However, employing such models comes with sky-high costs, latency issues, and limited flexibility. In the realm of IT operations, it is generally wiser to employ smaller, domain-specific models instead ...

The End of Reactive DevOps: AI-Driven Observability for Zero-Defect Digital Systems

For years, DevOps teams operated under a simple assumption: collect enough telemetry, and you can find and fix any problem. That assumption is breaking down. Modern enterprises now operate across microservices, hybrid cloud environments, APIs, Kubernetes, and highly automated delivery pipelines. Releases happen continuously, dependencies shift constantly, and failures spread faster than teams can diagnose them ...

5 Takeaways from the Observability Forecast for Media and Entertainment

New Relic surveyed IT and engineering leaders from the media and entertainment (M&E) sector to understand what's working — and where challenges persist with their observability practices. The findings reveal how M&E organizations are navigating rising platform complexity, audience expectations, and AI-driven change. Below are five takeaways that stand out ...

Why Moving Off the Cloud Is the Easy Part and What Comes Next Is Where Things Get Hard

Let me start with something I've seen play out more times than I can count. A team hits a wall with the cloud. Costs creep up, then spike. Performance starts to feel inconsistent. Someone in finance asks a simple question like "why did this double?" and nobody has a clean answer ... Maybe this isn't the right place for everything. That realization feels like a breakthrough, like you've identified the problem. In reality, you've just identified the starting line ...

MEAN TIME TO INSIGHT Podcast - Episode 24: Network Observability Tool Sprawl

In MEAN TIME TO INSIGHT Episode 24, Shamus McGillicuddy, VP of Research, Network Infrastructure and Operations, at EMA discusses network observability tool sprawl ... 

Capacity Isn't a Guess: Observability-Driven Sizing for On-Prem Databases

In cloud-native systems, scaling is often as simple as moving a slider. For on-premise databases, the stakes are different. Over-provisioning hardware is expensive. Under-provisioning leads to performance bottlenecks that are difficult to fix once the equipment is in the rack ...