Business applications are increasingly under attack from advanced threats and malicious actors that are looking to exploit software vulnerabilities. Organizations are trying to counter these threats by utilizing various controls for securing applications, such as vulnerability scanning, anti-malware software, penetration testing, and identity and access controls. To gain deeper insights into the state of application security, Cybersecurity Insiders conducted an in-depth study in partnership with Cisco in July 2022. The resulting report reveals the latest application security trends, how organizations protect critical applications, and the tools and best practices cybersecurity professionals prioritize.
Key findings include:
• Cybersecurity professionals most frequently mention protection of data (44%) as their key application security concern. This is followed by the challenge of keeping up with the rising number of vulnerabilities (42%), threat and breach detection (38%), and securing cloud apps (37%).
• Customer-facing web applications tops the list of applications introducing the highest security risks (42%), followed by legacy apps (40%). Less frequently mentioned are mobile apps (30%), desktop applications (28%), and internal-facing web apps (26%).
• About a third (36%) of cybersecurity professionals confirm encrypted traffic is a security risk to their environment due to the inability to inspect all traffic and detect threats quickly before they can cause damage. Specifically, cyber professionals are most concerned about hidden malware (63%), lack of visibility (58%), and data loss through exfiltration(37%) as the main problems caused by encrypted traffic.
We would like to thank Cisco for supporting this important research.
We hope you enjoy this report.