TMCnet News
New Research from ESG and Mend.io Reveals Key Best Practices for Application Security Effectiveness
Eighty-five percent of respondents agree application security is a board-level priority, yet barely half are capable of effectively remediating a critical vulnerability
TEL AVIV, Israel and BOSTON, Oct. 17, 2023 /PRNewswire/ -- New research sponsored by Mend.io and conducted by TechTarget's Enterprise Strategy Group (ESG) found application security programs struggle to scale to meet the demand brought about by rapid development. The report, "Optimizing Application Security Effectiveness," found just 52 percent of companies surveyed say they can effectively remediate critical vulnerabilities and only 41 percent are confident they can manage the security and compliance risks associated with open-source components.
"Barely half of organizations can effectively remediate critical vulnerabilities. That's concerning," notes Melinda Marks, Practice Director, Cybersecurity, Enterprise Strategy Group. "This means the other 48 percent are at serious risk from malicious attacks, including malware, ransomware, and data loss."
Crucially, effective remediation pays off when it comes to the most important KPI: application safety. Companies that report the ability to efficiently remediate vulnerabilities were nearly twice as likely to say they have not experienced any serious security incidents tied to a software vulnerability/web application exploit in internally developed applications over the last 12 months.
The research also revealed important trends and best practices among companies that can effectively remediate vulnerabilities. "We wanted to know what companies could learn from the 52 percent who can effectively remediate a vulnerability," Marks says, "so we did the analysis and identified several best practices."
Application Security is a Priority…and Business Risk
For those who've experienced a security incident in the past 12 months, consequences included application downtime (46 percent), unauthorized access to applications or data (38 percent), malware (34 percent) and data loss (34 percent).
Best Practices Enabling Efficient Remediation of Critical Vulnerabilities
Survey findings indicate key patterns among the organizations that could efficiently remediate critical vulnerabilities compared to those who could not. The research shows that effective programs:
"As businesses modernize their development processes to increase productivity, security must keep pace," said Rami Sass, co-founder and CEO, Mend.io. "This research has revealed important insights that show progress is being made when it comes to best practices. Those organizations that embrace DevOps, utilize modern tools to automate security workflows, prioritize open source vulnerabilities, and understand what's in their code demonstrate a stronger ability to effectively manage application risk and security."
The full report is available here.
Methodology:
About Mend.io
View original content: https://www.prnewswire.com/news-releases/new-research-from-esg-and-mendio-reveals-key-best-practices-for-application-security-effectiveness-301958675.html
SOURCE Mend.io