As seen in a recent DigiCert report, an overwhelming majority of companies believe that an integrated security and devops team makes sense. In fact, 98 percent of survey 300 US respondents (a third from IT or security) are either planning to or have alreafy launched such an effort.

This is good, if unsurprising, news. For years, I’ve been saying devops is really , and so have many others. Most enterprises are now following that lead.

But it took years to get here. Why? If you don’t have people, tools, and processes focused on security, you’re not providing systemic security at platform, application, and the data levels. Enterprises are now getting hip to this fact.

As enterprises move to the cloud, they are taking advantage of the centralized nature of public clouds and exploiting the security subsystems that exist there. However, it’s one thing to have a security service available, and it’s another thing to intelligently integrate those cloud security services into your application development and operations processes.