Reducing Enterprise Application Security Risks

Reducing Enterprise Application Security Risks:
More Work Needs to Be Done

Ponemon Institute partnered with WhiteSource to survey over 600 IT and security practitioners to learn why business-critical applications remain at high risk.

Attacks on the application layer are a major
concern
for IT and security professionals, now more than ever,
especially when it comes to high performers.

What Kind of Attacks Concern Your Organization the Most?

Unfortunately, there is a major gap between perceived
risk and allocated budget
in most organizations. The largest
gap is seen in AppSec, where budget allocation is far lower than the
perceived level of risk.

Gaps in Security and the Allocation of Spending

Meanwhile, security debt continues to rise with 32% of
respondents admitting to a 12 month backlog of
un-remediated vulnerabilities.

How Long Did It Take To Remediate the Vulnerabilities Backlog?

Reducing security debt to ensure security risks are addressed swiftly and
efficiently demands security and development teams work together,
throughout the entire SDLC.
Unfortunately, research results show that as many as 86% of
respondents
state there is only some or no
collaboration between teams.

What best describes the nature of collaboration between your organization’s application development and security teams?

Attacks on the application layer are a major concern for IT and security professionals, now more than ever, especially when it comes to high performers.

Unfortunately, there is a major gap between perceived risk and allocated budget in most organizations. The largest gap is seen in AppSec, where budget allocation is far lower than the perceived level of risk.

Want to learn more about barriers to addressing application security risks,
and how to overcome them?