Empowering teams to deliver customer-centric security
The Challenge
As they continued to scale their software and expand their cloud offerings, Sage, like other software organisations, faced increasingly varied security threats. The company does the right thing when it comes to security, believing strongly in their commitment to their customers, and in being the custodian of their customers’ data. Sage understands that the foundation of customer trust is secure and reliable software.
So as Sage grew—along with the complexity of its tech stack—a need emerged for an enhanced focus on security across the organization.
Rather than rely on a siloed security team, leaders at Sage landed on an ambitious goal: to build a culture of trust in which every colleague, particularly those in engineering teams, feels empowered and confident when it comes to security.
Who they are
Sage exists to knock down barriers so everyone can thrive, starting with the millions of small and mid-sized businesses served by them, their partners, and accountants. Customers trust their finance, HR, and payroll software to make work and money flow. By digitizing business processes and relationships with customers, suppliers, employees, banks, and governments, their digital network connects SMBs, removing friction and delivering insights. Knocking down barriers also means Sage use their time, technology, and experience to tackle digital inequality, economic inequality, and the climate crisis.
Sage by the numbers
founded in 1981
Headquartered in North Tyneside, UK
23 global offices
2 million global customers
Security is for everyone
“We want everybody at Sage to understand that the culture at Sage is one where everybody is empowered and confident when it comes to security, no matter what role you're working in.”
Madeline (Mads) Howard, People-centered Security Lead at Sage
The Solution
Better upskilling. Better security. Better business outcomes.
After partnering with Pluralsight to roll out their upskilling program, Sage saw big improvements in security proficiency on their engineering team. There was an enormous drop in the time it took to fix security vulnerabilities, showing that developers have written fewer new vulnerabilities and had more time to fix old ones.
A new enthusiasm for security immediately became visible in Sage’s culture. Although well-established, the company’s Security Champion Network was placed on a more strategic footing with dedicated support, training, and organisation designed to empower engineering teams and build security capability. This network is a group of 180 engineering employees—developers, testers, architects, and more—who drive transparency and consistent communication between security and product. These engineers dedicate 3.5 hours a week to helping the security team implement new tooling, raising security issues, and serving as a general point of contact for the organisation.
In an effort to simplify their complex tech stack and better secure their org, Sage leveraged the power of Pluralsight’s upskilling solution. From vast content libraries that allowed them to upskill on all areas of their tech stack to Skill IQ, which provides data-driven insights on upskilling progress and areas for improvement, Sage team members received learning experiences tailored to the company’s needs and their current proficiency. Leaders derived immense value from Pluralsight’s KPI measurement capabilities, using our platform to accurately measure the impact of upskilling efforts on Sage’s products. A defining feature of the success of the programme was the engagement between the two organisations to achieve Sage’s goal—to build a culture of trust where all colleagues are empowered when it comes to security.
The key benefits of Pluralsight for Sage
Consolidation
Sage has empowered their engineering workforce to continuously upskill within the unified Pluralsight platform.
Consistent training
Over 1,300 Sage engineering employees learn new skills weekly and stay accountable to quarterly upskilling goals, with 60% of team members doing more than the recommended courses.
Better measurement
Pluralsight Skills helps Sage employees track their learning progress and map the impact of upskilling efforts to delivery outcomes.
Faster security fixes
Since partnering with Pluralsight, Sage has seen a staggering 82% reduction in time to address security vulnerabilities.
Community matters
"We're really able to create that community of Pluralsight users within the business who can share learnings and recommend courses across the globe, which really helps enable our teams to feel like they're part of a bigger thing."
Madeline (Mads) Howard, People-centered Security Lead at Sage
The next steps
Building a culture of continuous learning
Sage’s security by design philosophy was supported by Pluralsight’s upskilling platform. They’ve continued scaling their software, but they’re now armed with better security knowledge and the confidence to tackle any vulnerabilities that may arise.
Meanwhile, Sage has firmly embedded a focus on security on a cultural level. Engineers at Sage are still using Pluralsight Skills for consistent upskilling—not only in security, but across our full spectrum of tech topics—that expands their skillsets and reinforces a culture of continuous learning and improvement. The objective for Sage was to build measureable security capability over time, rather than create a tick box exercise for training.
As employees continue to learn enthusiastically, the company is aiming to build out comprehensive security Skill IQs and Role IQs for each of its technology stacks. All in all, the Pluralsight upskilling solution continues to spark curiosity and confidence by helping Sage employees make continuous tech skill development a core part of everyday life.
Ongoing partnership and support
"They really understand what we want to do as a business, our ambitions, and what we want to get out of the platform. We don't know the platform as well as Pluralsight does. Knowing you've got somebody that can show you the features and help you deliver the most effective program you can is 100% a partnership, it's not just us purchasing something."
Madeline (Mads) Howard, People-centered Security Lead at Sage