Forrester Consulting: Bridging The Developer and Security Divide

As security professionals work to create a secure environment for organizations, developers are often left out of security planning processes but are then tasked with carrying these procedures out. This creates a fractured relationship between development and security. While senior leaders are more focused now on development and security relationships, one in three don't effectively collaborate or work to strengthen relationships. Forrester conducted a survey with 1,475 respondents and five interviews with IT, security, and development managers and above (including CIOs and CISOs) with responsibility for development or security strategy decision-making to explore this topic. We found that, despite efforts, teams continue to struggle with negative relationships and a lack of empathy while often failing to include development teams in security strategy and planning. This report provides deeper insights into that study.