Outsource your code & you're more likely to be hacked

In the report, financial services companies are identified as the most likely to outsource their code development needs and therefore could be putting themselves at serious risk, with 72 percent reporting that they outsource more than 40 percent.

Disturbingly, 84 percent of these organisations report that code development is business critical or important.

Public sector organisations are also big outsourcers, with 55 percent outsourcing over 40 percent of their code development.  

Also, 64 percent stating code development is only of moderate importance to them.

At the other end of the scale are utility companies - the highest of all the industries to cite software development as business critical or important at 90%, however just 7 percent outsource more that 8 percent of code development.

Fran Howarth, Principal Analyst at Quocirca and author of the report said: “The findings of this report indicate that not enough is being done by organisations to build security into the applications on which their businesses rely. Not only that, but they are entrusting large parts of their application development needs to third parties. This creates an even greater onus for organisations to thoroughly test all code generated for applications - without which they could be playing into the hands of hackers.”

The fact that software applications contain flaws that can be exploited by hackers is nothing new. That organisations are increasingly reliant on bespoke applications to maintain a competitive edge, and are outsourcing a significant proportion of the coding for these applications to third parties, is an alarming trend.

That said, German organisations are better at building in security than both their UK and US counterparts. As electronic crime continues to increase, organisations are under pressure to be seen to be more proactive about IT security.  This is not only something that makes common sense but also is increasingly a requirement being placed on organisations across a wide range of industries by governments and industry regulators.