As part of Forrester’s research into securing what you sell, we have long advocated for security leaders to overlay their own activities with the rest of the product team and to engage in the product lifecycle before the product has even been defined. Last year, we reached out to product management decision-makers to learn more about their views of how product management, security, and development teams collaborate. Here’s what we learned:
- Collaborating with security really does improve the product. When asked about the benefits of collaboration among security, development, and product management, 77% of respondents called out more secure products. These product management leaders also highlighted a stronger security posture (beyond just the product) and faster and more secure releases. It’s reassuring to know that most product leaders view security collaboration as having a positive impact on product security, and it’s also interesting to see how that tight collaboration helps with release cadence.
- Cross-team collaboration also impacts the bottom line. About half of respondents saw a more integrated DevSecOps process, increased agility, and reduced operational costs as benefits. Collaboration creates a more efficient and adaptive team that can support the firm in its journey to become customer-obsessed.
- Development is still the intermediary. From the product management leaders’ perspective, the development and product management teams are very well integrated, and the development and security teams are pretty well integrated, too. Only half of respondents, however, thought that product management and security were moderately or significantly integrated — each works better with the development team than they do with each other.
Security leaders: Use these findings to tout how security involvement across the product lifecycle improves a range of business metrics. Check out the full report, Security And Product Management (Mostly) Want The Same Thing, and please schedule an inquiry if you’d like to discuss it further.