TCS+ | Why a ‘shift left’ approach to software development matters

The software development process has evolved dramatically in recent years to keep up with the growing demand for delivering high-quality software in the fastest time possible.
Unfortunately, in the past security was often tacked on as an afterthought and testing only happened towards the end of the life cycle.
And in a world where threats are consistently evolving and becoming more sophisticated, this way of doing things was riddled with issues, leading the industry to realise that a new approach was needed.
Shifting left
TechCentral’s TCS+ show host James Erasmus spoke to Barry de Waal, co-owner and chief executive for strategy and sales at 9th BIT Consulting, and Hilbert Long GM of Sales for the Emea region at CYBER1 Solutions, to unpack a trend that emerged to address this challenge: “shift left”.
The “shift left” approach aims to improve software quality and cut the time spent resolving issues later in the software development cycle by seeing testing performed as code is being developed. This helps to identify and resolve bugs as early as possible in the development process.
In De Waal’s words, this approach means getting siloed activities that typically end up happening later on in the software development life cycle brought forward to take better control of what needs to be delivered.
According to Long, CYBER1 Solutions has seen development teams in organisations pulling in security teams more often. “That in itself is creating a ‘shift left’ component, because cyber teams were always the last to be pulled into the life cycle from a development perspective.”
This, he says, is one reason why CYBER1 Solutions Emea has created a partnership with 9th BIT Consulting.
Input from everybody
De Waal, adds that with a shift left approach, it’s not just the security that’s being pulled in earlier on in the life cycle. “It’s also the testing and the infrastructure that needs to be put together. Quite often you will have teams whose only priority is getting their features list out. And inevitably, down the line, it takes a lot longer -- if there is an issue with security, or infrastructure provisioning, or cloud infrastructure -- to go back and have to refactor the features that need fixing.”
So, what do these changes mean on a practical level? According to De Waal and Long, this means that everyone needs to contribute to the planning and give input into the design. Testing starts and finishes in the development environment, and developers become testers as much as internal auditing team members become planners.
The impact of this logic, according to De Waal, is huge. “People need to redefine what they contribute to their organisation. Moreover, they need to redefine their skill set and the job titles that have pigeon-holed them for so long. Multi-functional people with a breadth of skills results in greater accountability, more responsibility, more knowledge sharing, and fewer bottlenecks or points of failure.”
De Waal also warns that existing and future employees are going to have to review their skill sets to become more dynamic, adaptable and agile.
Critical thinking
Because “shift left” means testing earlier on, it helps developers think critically and get a handle on security requirements while designing software securely from the start. De Waal says this means more focus needs to be given to continuously improving one’s processes, automating what can be automated and, most importantly, getting the culture right to achieve all of this.
De Waal also says we can expect to see leadership setting the example, implementing change, and expecting all functions to enhance the cadence of delivery through the development cycle and into the production domain.
In ending, Long says CYBER1 Solutions Emea is expanding across numerous territories and will support the security enablement of numerous companies across industries, with a strong leaning towards building business ag
23 Mar English South Africa Technology · Business

Other recent episodes

TCS+ | FNB’s Mark Nasila: why AI changes everything

Developments in artificial intelligence are going to have far-reaching impacts on every industry, and every company needs to craft an AI strategy. This is according to Mark Nasila, chief data and analytics officer in First National Bank’s chief risk office, who was speaking to TechCentral on the TCS+ tech show…
25 May 49 min

TCS | Everlectric CEO Ndia Magadagela on Woolies' big EV push

JSE-listed retailer Woolworths is moving to replace its fleet of fossil fuel-burning logistics and delivery vehicles with fully electric alternatives. To discuss the project, and more, Duncan McLeod is joined on the TechCentral Show (TCS) by Ndia Magadagela, co-founder and CEO of South African EV-as-a-service (EVaaS) start-up Everlectric. Everlectric, through…
24 May 22 min

TCS+ | Louise Steenekamp: what to look forward to at Saphila 2023

The African SAP User Group (AFSUG) is a community-driven, non-profit organisation independent of SAP that represent the interests of SAP customers and partners in Africa. It does this by providing a platform to share stories, best practices and insights related to their experiences with SAP technology, assisting SAP users to…
22 May 10 min

TCS | Werner Kapp unpacks his strategy for Altron

It’s been eight months since Werner Kapp took the reins from Mteto Nyati at Altron. Now firmly in his new role, Kapp joins the TechCentral Show (TCS) to unpack his strategy for the storied JSE-listed technology group. Kapp, who previously led Dimension Data, talks about Altron’s financial results for the…
22 May 27 min

TCS+ | Data is key to any CX strategy: key insights from CallMiner

This year is set to be a difficult one for customer experience (CX) professionals as entities in every sector struggle to focus on customers while staying afloat in turbulent economic times. CX teams will need to transform, and those that can help their companies achieve their brand goals and aspirations…
12 May 36 min