UK application security programs lagging behind US
Posted on 23 July 2014.
UK enterprises are lagging behind US enterprises when it comes to application security programs. A new IDG study revealed that on average UK companies are spending approximately 21 percent less than US companies of equal size. The study also found that in the UK, 66 percent of internally developed applications remain untested for critical vulnerabilities such as SQL injection.

Enterprises in all industries are delivering new mobile experiences, leveraging the cloud and Big Data analytics, and digitizing their processes. As a result, applications are now the driver of economic growth, and all enterprises are becoming digital businesses. On average, enterprises are internally developing 2,500 applications a year.

In addition to lower spending on application security, the study also showed that UK companies are more likely to focus their application security programs on only a subset of business-critical apps, rather than the entire application portfolio.

Conversely, US organizations are more likely to issue mandates for enterprise-wide application security assessment programs – making programs at US enterprises, on average, more mature than those at UK enterprises.

When application security programs do not extend beyond business-critical applications, enterprises leave thousands of applications vulnerable. This creates long-term security threats, as cyber-criminals attack the path of least resistance into an IT infrastructure, without regard to whether the application is business-critical or a little-used web application.

“Companies are becoming better at securing their networks and endpoints, causing cyber-criminals to focus their efforts on the application-layer. As a result, more than half of all successful breaches are attributed to application-layer vulnerabilities,” said Adrian Beck, manager of security program management, EMEA. “Closing the security gap between the number of apps being produced and the number that are assessed for security will help UK companies remain competitive in the new application economy.”




