In Episode 2 of the DevSecOops podcast, hosts Tom Walker, James Vincent, and Scott Fletcher explored one of the biggest yet most overlooked challenges in organisations today: how to make the right decisions, especially when business, technology, and security priorities clash or collide.

So, how can organisations balance these three?

Equal Understanding on All Fronts

The conversation kicked off with a message that many tech professionals need to hear: understand the business context. James stressed that technical solutions don’t mean much if they aren’t tied to addressing a business problem. Too often, tech and IT teams become focused on pursuing the latest and smartest technologies without first considering the more important question, what does the business actually need?

Likewise, executives need to understand technical risks. Scott shared his take on a common frustration: the perception that tech and IT teams are blockers who always say ‘no.’ Such notion often stems from both sides speaking different languages. According to him, mutual understanding and empathy are keys to making the right decisions and business alignment.

Pressures From All Sides

Adding to that, Tom painted a clear picture of the external factors influencing organisational decisions. With the continuing economic uncertainty, there is a growing pressure for organisations to do more with less. There is also the rapid technological change and the increasing attacks, all of which are stretching organisations to make strategic decisions more than ever.

But it’s not just the external factors that’s creating pressure for organisations. Workforce dynamics and budget cuts also pose a critical challenge. When the right skills and adequate resources aren’t available, organisations struggle to keep up with the demands, projects slow down, and things start to fall behind. This creates vulnerabilities, leaving organisations exposed to larger risks.

Security as a Strategic Driver

Security must not be just a technical layer, but is something that is woven in an organisation’s day-to-day operations. Scott concluded that treating security as a core business function will enable progress, helping organisations move faster and more confidently.

Making Value Visible

Still, James acknowledged how difficult it can be to justify putting money into security initiatives. While risk reduction and operational resilience are vital, they don’t offer immediate financial returns and are hard to quantify.

This is why getting executives to view security not as an isolated IT concern, but as a business priority matters. Only then could organisations ensure that their priorities are aligned with their goals, whether short-term or long-term.

Open Dialogue as as a Core Value

Indeed, the right and strong decisions are built on open communication. Tom threw in a classic metric he used during his retail days, ‘how does this help us sell more baked beans?’ to highlight that all decisions must support a clear business outcome. From the tech teams to the boardroom, everyone should be able to explain how their decisions impact customer value, boost efficiency, or manage risk. When people across the organisation start speaking the same language, it’s easier to stay on the same page and make smarter, more focused choices.

Final Thoughts

Truly, making the right decision takes more than ensuring financial security and operational efficiency. It requires a shared understanding and keeping an open dialogue. It is never about eliminating disagreement, but creating more spaces for discussing differences and transforming it to better and effective decisions.