A new survey by the Ponemon Institute reveals a disconnect between the C-suite and IT when it comes to application security. A high percentage of executives believe that their application development process follows security best practices at every step along the way, but a much smaller percentage of IT pros said the same.
Similarly, three-quarters of executives said their enterprises was complying with secure application architecture guidelines, but just 23 percent of technicians and staff agreed. Also, 51 percent of those surveyed said their organization did not have a security training program.
"The most effective way to reduce application security risk is to implement a formal, repeatable development process that includes secure coding standards to enable the early detection and remediation of vulnerabilities," advised the report. "The findings of this study reveal the need for making greater investment in application security programs to reduce overall organizational exposure to cybercrime."