Citizen Developers the next big Cyber Threat?

Article by TAAP

Gartner predict in 2023 that there will be four times the number of Citizen Developers than Professional Developers. How will this change the Cyber Threat landscape?

What is a Citizen Developer?

A 2020 Gartner survey shows that 41% of employees outside of an IT role fit a description called business technologists — those who customise or build applications, automation and technology solutions for work. Citizen development is the practice of enabling a community of like-minded business technologists using shared No-Code and Low-Code tools to create automation and apps in a safe and scalable way.

Historically if you required applications or software built, you needed to rely upon Professional Developers. This is all changing, Modern software platforms permit Citizen Developers to build advanced software systems and applications without the reliance on Professional Developers. These new software platforms are delivering a 20-50x improvement over the entire SDLC – Software development lifecycle enabling smaller teams and reducing costs.

Citizen Development is a Key Enabler of Digital Transformation

Business units increasingly control their own application development efforts, in which Citizen Developers are playing a crucial role. Application and software engineering leaders must help define and guide Citizen Development to maximize mutual benefits for business and IT.

The Citizen Developer is often a domain expert and understands the data they want to capture, process, transform and report against. By allowing Citizen Developers to create the apps they need, with advanced software platforms, timescales and costs are dramatically reduced versus traditional software development approaches with Professional Developers.

Professional Developers normally work within a team of people that exist to create the apps that are required for the end users to utilise. There is usually some formal specification created that requires a detailed description of the process required alongside cross[1]training of the Professional Developer to help them to understand the needs of the end user, the domain expert. This is often where projects fail, the clarity around requirements. The miscommunication between the end user, Project Manager, Business Analysts, Database Designers, BI Analysts, Front End & Back End developers, Testers & DevOps teams standing up the final application before production.

Citizen Developers using the latest Super Apps and No-Code Low-Code Platforms significantly reduce timescales and costs when compared to traditional software development using Professional Developers.

However, this isn’t the end of the Professional Developer. Citizen Developers can be self[1]sufficient whilst supported by Professional Developers and IT teams. Professional Developers can focus on the more complex challenges and processes, further enabling the Citizen Developers to be able to do more faster and together provide a better overall service to the business operations of the organisation.

TAAP provides a No-Code Platform to help Professional and Citizen Developers to work together more effectively, working as Fusion Teams. These are small targeted focused and efficient groups of individuals with complementary skills that together are helping organisations of every size become agile enterprises.

Cyber Threat from Citizen and Low Code Developers

Cyber and Low-Code developers will have access to your corporate data. Without appropriate Guard Rails and adequate Governance, how will you police the activities of these individuals?

There is an inherent inertia built into the speed at which software is created and developed with traditional Pro Code development resources. It’s slow and requires a higher degree of governance and DevOps management to build, test and deploy applications.

With Citizen Developers and Low Code Developers, you can create applications at the speed of thought and with just an idea, a few hours later you have an app. What if the app developers’ motivation is less than honest? How can you determine and access what is legitimate data flow vs business-sensitive information streaming into the cloud?

Project Management Institute Citizen Developer Programme

The PMI is a not-for-profit organisation which has picked up on the challenges of Citizen Development. They recognise the benefits of No-Code and the importance of good governance. Cyber is often considered a security blanket around the systems and processes that have been created, stopping outside attacks. With this next stage in the evolution of the software applications development industry, Cyber needs to be considered across the board to help eliminate insider attacks and/or the loss of corporate data.

Citizen & Cyber Future

It’s here to stay and its adoption is accelerating. Just make sure you apply solid cyber principles to how you embrace this technology and ensure that its application is a positive incremental benefit and not a ticking bomb.

TAAP – The Agile Application Platform
Find out more at