IT disaster recovery, cloud computing and information security news

Checkmarx released its Global Pulse on Application Security study at the 2023 RSA Conference in San Francisco. Developed with Censuswide, the research uncovered global trends around current security challenges faced by CISOs, application security (AppSec) leaders and software developers as migration to the cloud and digital transformation have become enterprise imperatives.

The Checkmarx survey of over 1,500 CISOs, AppSec managers, and software developers around the world uncovered some troubling statistics. The research showed 86 percent of surveyed software developers and AppSec managers have or know someone who has knowingly deployed vulnerable code; and 88 percent of AppSec managers surveyed have experienced at least one breach in the prior year as a direct result of vulnerable application code. The shift toward modern development practices that incorporate microservices and serverless technologies, container security and infrastructure as code (IaC) are multiplying the potential attack surface, thereby identifying critical new priorities for application security.

CISOs surveyed see the highest-priority security risks at their organizations as being:

  • Increased use and exposure of APIs (37 percent)
  • Open source software supply chain risks (i.e., malicious code) (37 percent)
  • Application containerization risks (37 percent)
  • Open source software risks (36 percent)
  • Infrastructure-as-code risks (36 percent).

Surveyed AppSec managers who have experienced breaches say that the top three causes include:

  • Open source software supply chain attacks (41 percent)
  • Stolen credentials, secrets or weak authentication/authorization (40 percent)
  • Known and/or unknown vulnerabilities in code released to production (39 percent).

More details.

Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.