Cultivating a Culture of Excellence in DevSecOps: Integrating Fixing Forward within Value Streams

What is DevOps?

DevOps is a set of practices, philosophies, and cultural philosophies that aims to shorten the systems development life cycle and provide continuous delivery with high software quality. It's a blend of "Development" and "Operations," reflecting its purpose to unify software development (Dev) and software operation (Ops).

The core idea behind DevOps is to foster a culture of collaboration and communication between software developers and IT professionals while automating the process of software delivery and infrastructure changes. It aims to build, test, and release software more rapidly, frequently, and reliably by:

1. Automation: Automating repetitive tasks, from code integration, testing, and deployment to infrastructure provisioning and management, to increase efficiency and reduce the risk of human error.
2. Continuous Integration and Continuous Delivery (CI/CD): Implementing CI/CD pipelines ensures that code changes are automatically built, tested, and prepared for release to production, facilitating a streamlined workflow for deploying new features, fixes, and updates.
3. Monitoring and Logging: Keeping track of the performance of applications and infrastructure in real-time to quickly identify and resolve issues.
4. Collaboration and Culture: Encouraging a culture of open communication and collaboration across all teams involved in development and operations, breaking down traditional silos.
5. Feedback Loops: Implementing feedback mechanisms to quickly adapt and respond to customer needs, market changes, and system failures.

By integrating development and operations teams, DevOps aims to improve deployment frequency, achieve faster time to market, lower the failure rate of new releases, shorten the lead time between fixes, and improve mean time to recovery.?

In the complex realm of DevSecOps, the ambition to merge security, development, and operations into an efficient workflow increasingly centres around two key aims: Velocity and Reliability.

Reflecting on this balance, Reid Hoffman, the founder of LinkedIn, once insightfully remarked, "If you are not embarrassed by the first version of your product, you’ve launched too late." This perspective underscores that while the goals of speed and dependability might seem at odds, they can indeed coexist in harmony.

Therefore embracing a "fixing forward" ethos aligns perfectly with this notion, advocating for swift resolutions to issues while simultaneously encouraging profound cultural and operational advancements within organisations. By incorporating this forward-fixing mindset into their value streams, companies can achieve remarkable efficiency and resilience. This method proves that rapid development and robust stability aren't merely compatible objectives but are, in fact, mutually reinforcing, perfectly capturing the essence of integrating velocity and reliability in DevSecOps initiatives.

Embracing Change through Value Streams

Value stream management in DevSecOps represents the comprehensive observation and optimisation of the flow of value from conception to delivery. Integrating the fixing forward approach within these value streams involves a deliberate cultural shift towards agility, responsibility, and continuous enhancement. This shift is crucial to achieving both speed and stability, encouraging organisations to:

1. Identify and Eliminate Bottlenecks: Focusing on the entire value stream allows teams to swiftly pinpoint bottlenecks or inefficiencies and apply the fixing forward approach to resolve these issues quickly, ensuring a smoother and more rapid value flow.
2. Encourage Collaborative Problem-Solving: Incorporating fixing forward into value streams cultivates a culture where cross-functional teams work closely together to tackle challenges, leveraging diverse perspectives for more comprehensive and effective solutions.
3. Implement Feedback Loops: Regular feedback loops are integrated into value streams, facilitating continuous monitoring, learning, and refinement. This iterative process ensures the optimisation of both velocity and reliability over time.

Change Management for Enduring Transformation

The successful integration of fixing forward into value streams necessitates a strategic approach to change management, emphasising:

1. Strategic Alignment: Ensure the vision for merging fixing forward with value streams is clearly aligned with organisational objectives, demonstrating how this approach contributes to faster delivery and improved stability.
2. Continuous Learning: Promote a learning environment where ongoing education on value stream management and the principle of fixing forward is prioritised. This not only empowers teams but also drives innovation and enhancement.
3. Adaptive Leadership: The success of championing change significantly rests on leaders who not only embody and promote the desired behaviours but also offer essential support to steer through the intricate dynamics of this cultural transition. This juncture is where numerous MVPs encounter obstacles, predominantly due to leadership challenges. Hence, it's imperative that leaders are furnished with the necessary skills to grasp agile methodologies comprehensively, enabling them to adopt a proactive and 'fix forward' mindset in their approach.
4. Acknowledgement and Reinforcement: Recognise achievements and milestones within value streams that exemplify the successful application of fixing forward. Celebrating these successes reinforces the commitment to seeing rapidity and stability as complementary goals.

?

Below is a more detailed breakdown of how Change Management can bolster DevOps:

Strategic Alignment and Vision Clarity:

Change management fosters strategic alignment, ensuring that all efforts to integrate fixing forward and other DevOps practices are in harmony with the overarching organizational goals. This clear vision is essential for coherent action and support across departments, which drives more effective and efficient implementation of technologies and processes.

Enhanced Collaboration and Communication:

The essence of DevOps is the seamless collaboration between development, operations, and now security teams (forming DevSecOps). Change management aids in breaking down the traditional silos that exist between these departments, promoting a culture of communication and shared responsibility. This is crucial for identifying and resolving issues swiftly and efficiently, thereby accelerating delivery cycles and enhancing product quality.

Faster Adoption of Automation Technologies:

Implementing change management processes within DevOps encourages a smoother transition to automated systems. These systems are fundamental to improving the consistency and speed of deployments, testing, and releases. Automation reduces human error and frees up valuable resources to focus on more complex problems, thereby increasing overall productivity.

Continuous Learning and Improvement:

Change management emphasizes the importance of continuous learning and adaptation based on feedback from operations and end-users. By integrating learning directly into the workflow, organizations can more quickly adapt to new challenges and opportunities, continually enhancing their processes and products.

Leadership and Support for Cultural Shifts:

Effective change management requires supportive leadership that is committed to the cultural shifts necessary for successful DevOps integration. Leaders must advocate for and embody the principles of agile methodologies and continuous improvement, creating an environment where rapid innovation and robust stability are not only encouraged but expected.

Recognition and Reinforcement of Success:

Change management also involves acknowledging and celebrating successes in the DevOps journey. This reinforcement helps build momentum and sustains commitment to the processes that facilitate rapid and stable delivery cycles, underpinning the organization's long-term success.

The Synergy of Rapidity and Stability

In conclusion, the adoption of the "fixing forward" approach within DevSecOps value streams, as discussed in "Cultivating a Culture of Excellence in DevSecOps," marks a significant shift in the way organisations approach software development and operations. This method not only improves operational efficiency but also cultivates a proactive problem-solving and continuous improvement culture. Committing to this strategy enables organisations to effectively navigate the complexities of modern software environments, balancing the need for rapid development with the necessity for robust security and operational stability. As the digital landscape evolves, it is essential for organisations to adopt these principles to remain competitive and responsive to market demands.

Change management plays a pivotal role in this process by ensuring strategic alignment, enhancing collaboration and communication, facilitating the adoption of automation technologies, and fostering a culture of continuous learning and improvement. Effective leadership and the recognition of successes are crucial to sustaining these changes and fostering an environment where rapid innovation and robust stability are not only encouraged but expected.

Thus, the integration of rapidity and stability through fixing forward and value stream management is not merely an objective but an ongoing process that will continue to influence the future of DevSecOps. By embracing these strategies, organisations position themselves at the forefront of innovation and reliability, setting the stage for sustained success in an ever-evolving digital arena.

Cat's academic background, includes a Master's Degree in Human Resource Management and a Bachelor's degree in Fine Arts with honors. Additionally, she has completed graduate studies in Art History. With over 15 years of professional experience in Human Resources, in both London and Australia, she has excelled in leading HR teams, managing the entire spectrum of the employee experience life cycle. Presently, Cat is employed at Deloitte, where she leads change and culture organisational transformation initiatives, applying her expertise across a diverse range of industries.

Jansson, N., 2013. Organizational change as practice: A critical analysis. Journal of organizational change management, 26(6), pp.1003-1019.

Husain, Z., 2013. Effective communication brings successful organizational change. The Business & Management Review, 3(2), p.43.

Katal, A., Bajoria, V. and Dahiya, S., 2019, March. DevOps: Bridging the gap between Development and Operations. In 2019 3rd International Conference on Computing Methodologies and Communication (ICCMC) (pp. 1-7). IEEE.

Davis, J. and Daniels, R., 2016. Effective DevOps: building a culture of collaboration, affinity, and tooling at scale. " O'Reilly Media, Inc.".

Townsend, W.R., 2010. Innovation and the value of failure. International journal of management and marketing research, 3(1), pp.75-84.

Van der Panne, G., Van Beers, C. and Kleinknecht, A., 2003. Success and failure of innovation: a literature review. International journal of innovation Management, 7(03), pp.309-338.