Skip to main content

Most security staff have little say in app security

security
(Image credit: Shutterstock / Song_about_summer)

Security staff in global businesses don’t have much of an influence when it comes to budgeting and developing secure applications, according to a new report from cybersecurity firm Radware.

As a result, businesses are having a hard time maintaining consistent application security across multiple platforms and API security is now the biggest threat to enterprises, the report claims.

Polling 205 decision-makers from businesses with at least 1,000 employees, Radware found that security staff are not the primary influencer of application development architecture or budget in the vast majority (90 percent) of cases.

As a result, just over a third (36 percent) of mobile apps have security fully integrated, with four in ten saying the majority of their apps are exposed to the internet or third-party services through APIs.

More than half of businesses experience DoS attacks against their APIs at least once a month, while 49 percent suffer an injection attack in the same timeframe. More than four in ten (42 percent), meanwhile suffer at least one element/attribute manipulation per month.

“With 2020’s rapid cloud migration, we were surprised to see the pervasiveness across organizations of dangerous levels of insecurity in mobile and cloud-based apps, as well as APIs,” said Michael Osterman of Osterman Research, who participated in the making of the report.

Sead Fadilpašić

Sead is a freelance journalist with more than 15 years of experience in writing various types of content, from blogs, whitepapers, and reviews to ebooks, and many more, across sites including Al Jazeera Balkans, TechRadar Pro, IT Pro Portal, and CryptoNews.