Empowering teams to deliver customer-centric security
The Challenge
As they continued to scale their software and expand their cloud offerings, Sage, like other software organizations, faced increasingly varied security threats. The company does the right thing when it comes to security, believing strongly in their commitment to their customers and being the custodian of their customers’ data. Sage understands that the foundation of customer trust is secure and reliable software.
As Sage grew—along with the complexity of its tech stack—a need emerged for an enhanced focus on security across the organization.
Rather than rely on a siloed security team, leaders at Sage landed on an ambitious goal: build a culture of trust in which every colleague, particularly those in engineering teams, feels empowered and confident when it comes to security.
Who they are
Sage exists to knock down barriers so everyone can thrive, starting with the millions of small and mid-sized businesses served by them, their partners, and accountants. Customers trust their finance, HR, and payroll software to make work and money flow. By digitizing business processes and relationships with customers, suppliers, employees, banks, and governments, their digital network connects SMBs, removing friction and delivering insights. Knocking down barriers also means Sage use their time, technology, and experience to tackle digital inequality, economic inequality, and the climate crisis.
Sage by the numbers
founded in 1981
Headquartered in North Tyneside, UK
23 global offices
2 million global customers
Security is for everyone
“We want everybody at Sage to understand that the culture at Sage is one where everybody is empowered and confident when it comes to security, no matter what role you're working in.”
Madeline (Mads) Howard, People-centered Security Lead at Sage
The Solution
Better upskilling. Better security. Better business outcomes.
After partnering with Pluralsight to roll out their upskilling program, Sage saw major proficiency improvements. There was a huge drop in the time it took to fix security vulnerabilities, showing that developers wrote fewer new vulnerabilities and had more time to fix old ones.
A new enthusiasm for security immediately became visible in Sage’s engineering culture. The company formed the Security Champion Network, a group of 180 engineering employees—developers, testers, architects, and more—who drive transparency and consistent communication between security and product. These engineers dedicate 3.5 hours a week to helping the security team implement new tooling, raising security issues, and serving as a general point of contact for the organization.
Sage leveraged the power of Pluralsight Skills to simplify their notoriously complex tech stack and better secure their org. From vast content libraries that allowed them to upskill on all areas of their tech stack to Skill IQ, which provides data-driven insights on upskilling progress and areas for improvement, Sage team members received learning experiences tailored to the company’s needs and their current proficiency. Leaders derived immense value from Skills’ KPI measurement capabilities, using the platform to accurately measure the impact of upskilling efforts on Sage’s highest-risk products.
The key benefits of Pluralsight for Sage
Culture of security
Sage has seen measurable increases in time spent learning about security and receptiveness to security iniatives.
Consistent training
Over 1,300 Sage engineering employees learn new skills weekly and stay accountable to quarterly upskilling goals, with 60% of team members doing more than the recommended courses.
Tighter teamwork
Technical teams can be proactive, rather than reactive, with security, freeing up time for innovation and collaboration.
Faster security fixes
Since partnering with Pluralsight, Sage has seen a staggering 82% reduction in time to address security vulnerabilities.
Community matters
"We're really able to create that community of Pluralsight users within the business who can share learnings and recommend courses across the globe, which really helps enable our teams to feel like they're part of a bigger thing."
Madeline (Mads) Howard, People-centered Security Lead at Sage
The next steps
Building a culture of continuous learning
Pluralsight Skills supports Sage’s security by design philosophy. Sage has continued scaling software, now armed with better security knowledge and the confidence to tackle any vulnerabilities that may arise.
Meanwhile, a focus on security is firmly embedded on a cultural level. Engineers at Sage are still using the platform for consistent upskilling—in security and across the full spectrum of tech topics—that expands their skill sets and reinforces a culture of continuous learning and improvement. As employees keep learning enthusiastically, the company is aiming to build out comprehensive security Skill IQs and Role IQs for each of its technology stacks.
Sage acknowledges that it takes time, attention, and effort for a company culture to change. They’ve made the effort to understand their current one and map out key priorities. And Pluralsight Skills continues to spark curiosity and confidence by helping employees make continuous tech skill development a core part of everyday life.
Ongoing partnership and support
"They really understand what we want to do as a business, our ambitions, and what we want to get out of the platform. We don't know the platform as well as Pluralsight does. Knowing you've got somebody that can show you the features and help you deliver the most effective program you can is 100% a partnership, it's not just us purchasing something."
Madeline (Mads) Howard, People-centered Security Lead at Sage