Independent survey finds enterprises at-risk from insecure software
Posted on 15 April 2009.
Veracode announced the findings of an independent commissioned study conducted by Forrester Consulting - Application Risk Management in Business Survey. The survey revealed that enterprises are struggling to protect their organizations from the costly and growing threat of application security breaches.

The study interviewed development, security and risk professionals across the US & UK, and confirmed that risk associated with insecure software is a very real concern and a top priority for management and developers alike.

The survey of nearly 200 businesses, found that more than 62% of organizations have experienced a security breach in the past 12 months due to exploitation of vulnerabilities in their critical software applications. The study also found that while companies feel they know the make-up and business criticality of their mixed application portfolios, there is little confidence in the security quality of their applications.

Other key findings:
  • Few companies know the security quality of business critical applications.Only 13% of respondents know the security quality of all their business applications which they deem critical to the enterprise
  • Enterprises are increasing scrutiny on ISVs and outsourcers for delivering secure code.60% of respondents stated they are actively incorporating (or have already adopted) third party security assessments as part of software procurement processes for COTS or outsourced code.
  • Security as part of the software development process is not widely practiced.Only 34% of companies have a comprehensive SDLC process which integrates application security.
  • Most enterprises lack formal secure development training programs.57% of organizations doné─˘t have systematic training programs addressing application security training for their developers.
  • Security spending is not immune to economic conditions.64% of respondents stated that while application security is important to them, they are struggling to meet the challenge on existing budgets.





Spotlight

eBook: Cybersecurity for Dummies

Posted on 16 December 2014.  |  APTs have changed the world of enterprise security and how networks and organizations are attacked. These threats, and the cybercriminals behind them, are experts at remaining hidden from traditional security while exhibiting an intelligence, resiliency, and patience that has never been seen before.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Thu, Dec 18th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //