GitLab’s DevSecOps report highlights AI challenges
  • Jul 15, 2024
  • By The Codeman

GitLab’s 8th annual Global DevSecOps Report has unveiled a complex landscape of software development, highlighting disparities between executive perceptions and developer realities. The survey, conducted in April 2024, gathered insights from over 5,300 professionals across the software development spectrum.

While 69% of CxOs report shipping software at least twice as fast as last year, AI adoption remains low, with only 26% of respondents implementing AI in their workflows. This disconnect between acceleration and AI adoption raises questions about the drivers behind increased velocity.

The report exposes significant differences in AI risk perception between executives and staff. A majority of CxOs (56%) view AI integration into the software development lifecycle as risky, while only 40% of individual contributors express concerns about privacy and data security as primary obstacles.

Ashley Kramer, GitLab’s chief marketing and strategy officer, said: “As we navigate the rapidly evolving landscape of software innovation, it’s evident that a disconnect remains between organisational leadership and developers on critical topics such as risk management and training. This gap is further exacerbated by red tape that can hinder efforts to fix issues quickly.”

While 35% of CxOs identify a lack of appropriate AI skills as an obstacle, only 26% of individual contributors agree. Moreover, 25% of individual contributors feel their organisations don’t provide adequate AI training and resources, compared to just 15% of CxOs.

Software supply chain security presents a potential vulnerability. Despite 67% of individual contributors reporting that a quarter or more of their code comes from open source libraries, only 21% of organisations use a software bill of materials (SBOM) to document software composition. This gap in visibility could leave organisations exposed to security risks.

Developer productivity measurement remains a challenge. While 99% of CxOs believe developer productivity could benefit their business, with 57% viewing it as key to growth, 51% admit their current measurement methods are flawed or nonexistent. This uncertainty in quantifying developer output could hinder effective resource allocation and team management.

Toolchain bloat is impacting development velocity. Individual contributors report using more tools (6-14) than CxOs believe (2-5), indicating a potential disconnect in understanding day-to-day development processes. Interestingly, 74% of respondents using AI for software development express a desire to consolidate their toolchain, compared to 57% of non-AI users.

“While it’s encouraging to see organisations doubling their software shipping speed in just a year, and no doubt AI has played a part, it’s imperative that organisations bridge these gaps with technology. They can drive even more innovation if they acknowledge the issues and collaborate to address them,” explains Kramer.

The report underscores the need for better alignment between executive strategy and developer needs. As organisations continue to accelerate software delivery, addressing these disparities in perception, tooling, and security practices will be crucial for sustainable DevSecOps growth and innovation.
