Is poor software development the biggest cyber threat?

The U.S. Department of Homeland Security (DHS) states that 90 percent of security incidents result from exploits against defects in software.  That’s a big statement – and it implies that poor software development may be the biggest cyber threat of all.
You have to wonder if that’s an isolated finding in the context of DHS’s own experience – or do CISOs, IT security professionals, researchers and analysts, software developers, and application vendors agree?
The “Forrester Wave: Application Security Report”, which evaluates vendors for security and risk professionals, says many firms have rushed to bring applications online, building out consumer-facing websites, buying commercial off-the-shelf (COTS) products, and developing mobile applications to enable and engage with their customers and partners without thinking about the security of the application itself. As a consequence, businesses are exposing their most sensitive corporate and customer data to possible external threats and breaches.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s