Despite widespread concerns over data security, half of firms lack CSOs
While nearly three quarters of developers worry about the security of their applications and 85 percent rank security as very important in the coding and development process, nearly half of their teams lack a dedicated cyber security expert, according to new research from security company WhiteHat Security.
The company surveyed 103 technology professionals in November 2019, and while 57 percent feel their teams have the right application security tools in place to incorporate security into the software development lifecycle (SDLC), 14 percent do not feel that they’ve been given the proper solutions to do so.
For those respondents who do use application security tools, 33 percent scan for vulnerabilities daily, 29 percent weekly and 20 percent monthly. That means 82 percent scan their applications monthly at a minimum. The remaining 18 percent scanned either quarterly, annually or at random.
Surprisingly, 43 percent of respondents still focus on meeting application release deadlines over security, the report said. Often, pressures to deliver a functional application by these dates cause coders to take security shortcuts or disregard it altogether, it said.
However, 57 percent of the respondents realize that application security should be a key part of the SDLC, and are prioritizing security practices over demanding deadlines.
On the other hand, more than half (52 percent) of participants have experienced burnout as a result of the intense pressures to deliver applications on time—and securely.