5 Myths of Adopting DevSecOps in Government Agencies

Written by Jimmy Pham and Martin Folkoff

Myth No. 3: DevSecOps is all about speed, letting us deploy anytime, anywhere, and in any way. In our organization, we’ll be able to quickly churn out software with continuous integration/continuous delivery.

The Reality: Velocity is just a byproduct. Quality, stability, and compliance are the core foundations that enable whatever delivery speed the business requires. DevSecOps facilitates these fundamental principles of software development with automated, repeatable processes.


Myth No. 4: We’ll need to hire all new “super” developers to implement DevSecOps. Our current teams don’t know how. From development to operations, security, and testing, it seems like developers are now responsible for every aspect of the software delivery pipeline.

The Reality: The process, methodology, and technology behind DevSecOps means your teams are more engaged with each other versus having developers be responsible for everything. There’s no need to hire new developers unless they’re unable or unwilling to adapt to the cultural shift. DevSecOps breaks down silos and maximizes transparency, focusing on team ownership and responsibility.


Myth No. 5: DevSecOps is a capability. We can simply “buy DevSecOps” and implement it across our organization.

The Reality: You can’t buy DevSecOps. It’s a methodology—a philosophy—in which cross-functional delivery teams integrate technologies and collaborate to put your processes, practices, and philosophy into action. You can buy tools, such as continuous integration and release management, to enable your DevSecOps pipeline, but it’s really your delivery teams that make it happen. They’re the ones providing value. In a cultural shift, they’re driving continual improvement.

The Bottom Line

Shedding light on these five key misconceptions can help give you a better understanding of DevSecOps practices and how they relate to your organization’s software delivery lifecycle and the overall framework for developing an effective DevSecOps adoption plan. The benefits of DevSecOps are clear: improved quality, flexibility, speed to value, increased efficiency, and potential cost savings. With the right expertise, you can put your organization on the road to a successful and enduring DevSecOps practice.

Experts in the Field

1 - 4 of 8