Three-quarters of businesses think their applications contain security holes that can be exploited by criminal...
This is the finding of a survey of 757 organisations by Infosecurity Europe, which will focus on application securityat itsannual exhibition to be held in London from 24 to 26 April.
Interviews conducted by Infosecurity Europe with a panel of 20 Chief Security Officers (CSOs) of large enterprises revealed that they are "very concerned" about the security of application code.
The CSOs said they were especially concerned about the work carried out by developers working on mission-critical web applications outsourced to third parties.
Many of them said that they would welcome an initiative to raise awareness of security among the developer community to make secure software applications a priority.
Howard Schmidt, director Fortify Software and former cybersecurity adviser to the White House, said when organisations develop applications, quality is one of the highest priorities, but security vulnerabilities are seldom recognised or fixed.
"Priority is often given to delivering application features and business benefits without the understanding of fundamental coding errors that lead to security issues," he said.
Business leaders need to set in place business software assurance processes including development practices designed to ensure that their applications are secure, said Schmidt, to protect the data of citizens, customers and shareholders from the new wave of threats from cybercriminals.