There is a growing trend of software developer shortages leading to developer burnout, gaps in skills, and security risks. In this episode of TFiR Let’s Talk, Glenn Russell, Head of Delivery at Qarik Group, discusses the security-related challenges companies face and how they can overcome them in order to better retain developers.
“By far and away, the biggest cause that we see for attrition at many different enterprises is that a company cannot get out of the way of its developers, and security is a big part of that,” says Russell.
While open source software has given everyone access to free software, it has also made it harder for developers to see exactly what is going into the software, and securing the supply chain has become a critical consideration. Russell shares key takeaways on what organizations can do to better tackle these risks and retain their developers.
Key highlights from this video interview are:
- There can be many reasons why developers burn out and quit. Russell shares his insights into what factors can contribute to this and what the biggest cause for attrition in enterprises is. He goes into some of the key trends he is seeing.
- The challenges application teams face have worsened since the advent of cloud and public cloud. Russell explains why the infrastructure amplifies typical software vulnerabilities and why securing the software supply chain is so critical.
- Although the purpose of open source is to make software freely available to everyone, there is a flip side where the attack surface has now been expanded. Russell talks through his views on the risks of open source software and securing the supply chain.
- Russell shares his three key points for how companies can navigate these security risks so that developers can then get on with their jobs: adopting a breach-first mentality, considering the minimal set of permissions developers need to do their job, and adopting a defense-in-depth posture.
- While DevSecOps teams embrace security, this is not always the case for developers. Russell explains how we can find a balance between security, productivity, and the developer experience and practical ways to tackle these challenges.
- Russell believes that these security-related challenges do not necessarily require a technical solution or initiative but instead a cultural change. He discusses what organizations can do to bring about cultural change.
Connect with Glenn Russell (LinkedIn)
The summary of the show is written by Emily Nicholls.