Over 60% Of Breaches Tied To Flaws In Business-Critical Applications - DarkReading

Secure Software Development Programs are Rare

Survey by Forrester Consulting and Veracode shows businesses struggling to stay on top of application security

Apr 14, 2009 | 03:20 PM
By Kelly Jackson Higgins
DarkReading

If you still don't think security vulnerabilities in software will necessarily catch up with you, think again: 62 percent of organizations in the last 12 months suffered data breaches as a result of bugs being exploited in their major applications, according to a newly released survey.

Forrester Consulting, commissioned by Veracode, surveyed application developers and security and risk professionals in 200 organizations in the U.S. and U.K., and found that secure software development programs are rare -- only 34 percent said they have a software development lifecycle program that integrates security.

"The survey showed that people, process, and culture are the primary inhibitors," says Matt Moynahan, CEO of Veracode, in an interview. "Security is not a core competence of enterprises developing code."

Continue DarkReading