• Research conducted by GitLab found 97% of telco DevSecOps staff are already using AI
• But 70% said AI is making compliance more difficult
• And 75% warn agentic AI could create unprecedented security challenges

While the introduction of artificial intelligence (AI) offers significant opportunities for the telecommunication industry, it is also causing major security and compliance concerns for the DevSecOps (development, security, operations) arm of the industry.

That is among one of the key takeaways from the results of a Harris Poll, conducted last year on behalf of GitLab, which sourced feedback from 3,266 DevSecOps professionals working across the IT, telecom and software industries.

In the report, entitled The Intelligent Software Development Era: How AI will Redefine DevSecOps in Telecommunications, which focuses on 480 respondents from the telecom sector, GitLab found there is almost universal readiness to adopt AI, with 97% of DevSecOps professionals already using the technology for software development or planning to use it in the near future. However, that comes with near universal concern over data privacy.

With AI transforming work patterns, the telco DevSecOps respondents noted they now spend only 14% of their time writing new code and 12% on improving existing code. The rest is split between meetings and administrative tasks (20%), identifying and mitigating security vulnerabilities (14%), understanding code and testing (11% each) and maintenance (8%).

AI – especially agentic AI – is seen as a way of freeing up DevSecOps professionals from administrative tasks, with teams now trusting AI to handle over a third of daily tasks independently. In fact, 81% of those polled agreed that agentic AI could make them more satisfied in the workplace.

But despite the positivity around the benefits that AI could bring to DevSecOps workers in telecom, there are still major concerns around security. The two most important skills respondents need to develop over the next 18 months, both of which were cited by 46%, were using AI to automate security practices and processing data for security analysis, followed by mitigating security challenges posed by AI (39%).

Overall, 75% of respondents said they expect agentic AI to create unprecedented security challenges, while 85% said their company still requires heavy human oversight to combat compliance concerns.

With AI integration moving faster than expected for 80% of the respondents, AI-generated code is creating new challenges for development teams. Some 72% of respondents said they had experienced some kind of problem with code generated using “vibe coding” (natural language prompts used to generate code). Other key challenges presented by AI-generated code include security and privacy threats (38%), vulnerabilities (37%) and having to re-write the code (31%).

But concerns around a lack of skills, formal protocols for AI usage, and silos in organisations could hinder AI deployments and lessen successful adoption rates. The average developer in telecom said they lose around seven hours per week due to inefficient processes, while 38% admitted to using unofficial AI tools at work.

When asked to identify what skills DevSecOps professionals need to advance their careers in the AI landscape, implementing AI for code generation topped the list (41%), closely followed by AI for security and compliance (39%), and creating a software development lifecycle (37%).

GitLab stated: “AI is reshaping the fabric of DevSecOps in telecommunications. Telcos are under intense pressure to modernise network infrastructure and offer profitable digital services. They are expected to transform into software-driven technology companies, yet still ensure security, reliability and customer trust as they adopt AI and work to accelerate innovation. This balancing act – between speed, security and new skill sets – is defining a pivotal moment for the next era of DevSecOps in telecommunications.”

The Harris team engaged with DevSecOps staff across the world: Some 28% of respondents to GitLab’s survey are based in the US, with Germany (9%) and the UK, France and Italy (8% of respondents each) rounding out the top-five countries polled. Respondents work across IT security, IT operations and software development with around two-thirds at director or management level, and more than half work at businesses with between 1,000 and 10,000 employees.

- James Pearce, Editor, TelecomTV