Retaliation, gagging, flawed oversight - Software engineers face backlash if they report wrongdoing
Software is potentially being compromised by priorities on speed, rather than security
Software engineers are facing retaliation from colleagues and employers when reporting wrongdoing, new research has claimed.
A report from ENGPRAX found that this retaliation, alongside contractual gagging clauses and a priority on software development speed, is having a knock-on effect on the security of computer systems.
This culture of fear is also deterring engineers from voicing concerns, presenting ideas, or asking questions.
Businesses prioritizing speed over security
Overall, the study found that within the UK software development industry, over half (53%) of engineers suspected wrongdoing at work, and three quarters (75%) said that the last time they reported wrongdoing, they faced backlash from both their colleagues and employers. This amounts to around 145,000 software engineers in the UK having faced retaliation at work.
Moreover, the priorities of software delivery do not align with the priorities of software engineers and the general public. Within the dimensions provided, software engineers were most likely to agree that providing for their families (52%), delivering highly reliable work (51%) and ensuring their work kept data secure (47%) were the top priorities.
For the general public, the priorities reside in data security (62%), data accuracy (55%), and removing serious bugs (55%). In terms of getting the latest features quickly, only 22% of the general public saw this as a priority, with just 33% of engineers ranking rapid work delivery as a key priority.
The investigation also found that some companies are skirting public interest disclosure laws by contractually gagging employees to stop them from making protected disclosures on matters such as legal compliance, miscarriages of justice, environmental damage, and health and safety dangers.
“Recent developments demonstrate the fundamental importance of software engineers being free to raise the alarm when they become aware of potential wrongdoing; unfortunately our research has highlighted that software engineers are not sufficiently protected when they need to do so,” survey overseer Dr Junade Ali commented.
“From software engineers facing mass retaliation for speaking up and banned gagging clauses still being used, to ‘industry-standard’ software development metrics not considering the public’s risk appetite; this investigation has highlighted systematic and profound issues with society-wide impact, given how integral computers are to all our lives.
“Our investigation has shown a tendency for problems to be swept below the rug until they reach boiling point rather than addressed, this is neither compassionate nor honest for those involved.”
Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division), then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.