We are pleased to present the findings of How to Make Application Security a Strategically Managed Discipline sponsored by IBM. The purpose of this research is to highlight the reasons why application security is considered one of the most neglected areas of cybersecurity and why it is important to achieve a risk-based approach to application security management.
Ponemon Institute surveyed 630 individuals in the United States who are involved in application security in their organizations. Most of these respondents are involved in implementing and/or enabling security technologies and setting IT security priorities.
As a threat vector, application risks are a serious concern for organizations. The prevalence of inherent vulnerabilities in applications creates significant exposure for many organizations.
67 percent of respondents state that their IT function does not have visibility into the overall state of application security and most say their application security practices are fragmented and carried out at a low level (65 percent of respondents). Moreover, only 25 percent of respondents rate their organizations’ ability to protect their applications from a security exploit or compromise as highly effective.
2015 Energy Industry Cybersecurity Report
Strategic Cybersecurity: A Toolkit for Prioritizing, Coordinating, and Transforming Your Cybersecurity Program