TechTarget

Three-quarters of CSOs say their applications contain security vulnerabilities

Three-quarters of businesses think their applications contain security holes that can be exploited by criminals.

Three-quarters of businesses think their applications contain security holes that can be exploited by criminal...

s.

This is the finding of a survey of 757 organisations by Infosecurity Europe, which will focus on application securityat itsannual exhibition to be held in London from 24 to 26 April.

Interviews conducted by Infosecurity Europe with a panel of 20 Chief Security Officers (CSOs) of large enterprises revealed that they are "very concerned" about the security of application code.

The CSOs said they were especially concerned about the work carried out by developers working on mission-critical web applications outsourced to third parties.

Many of them said that they would welcome an initiative to raise awareness of security among the developer community to make secure software applications a priority.

Howard Schmidt, director Fortify Software and former cybersecurity adviser to the White House, said when organisations develop applications, quality is one of the highest priorities, but security vulnerabilities are seldom recognised or fixed.

"Priority is often given to delivering application features and business benefits without the understanding of fundamental coding errors that lead to security issues," he said.

Business leaders need to set in place business software assurance processes including development practices designed to ensure that their applications are secure, said Schmidt, to protect the data of citizens, customers and shareholders from the new wave of threats from cybercriminals.




CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

This Content Component encountered an error

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close