A role theory perspective: Will shifting left become a pain for application developers?

Authors

Hwee-Joo Kam, University of Tampa
John D'Arcy, University of Delaware

Abstract

To foster application security (AppSec), organizations are adopting development, security, and operations (DevSecOps) framework that integrates application development with security controls and systems operations. With DevSecOps. application developers have to “wear many hats”. Besides coding, developers are assigned additional tasks including system testing and operations, thus adopting the roles of systems testers and systems engineers. Transitioning from one role to another involves boundary crossing through which individuals have to embrace changes for performing new tasks defined by another role. This may instigate developers’ mental fatigue. Also, tasks associated with “non-developer” roles (e.g., systems operations) may not be a good cognitive fit, thus provoking developers’ mental distress. To address this issue, we examine the effects of multi-roles adoptions on developers’ well-being that will gradually affect their cognitions of cyber situational awareness (i.e., awareness of cyber threats relative to AppSec).

Recommended Citation

Kam, Hwee-Joo and D'Arcy, John, "A role theory perspective: Will shifting left become a pain for application developers?" (2022). WISP 2022 Proceedings. 12.
https://aisel.aisnet.org/wisp2022/12