1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Software Security is Not Keeping Up

Discussion in 'Network World' started by RSS, Dec 8, 2015.

  1. RSS

    RSS New Member Member

    We cybersecurity professionals spend a heck of a lot of time in areas like endpoint security, network security, and overall threat management. In the dozen years I’ve been focusing on cybersecurity, this situation hasn’t changed. Unfortunately, this means that we haven’t paid enough attention to software security in the past and we continue to maintain this basic status quo approach today.

    What’s even more troubling is that organizations always seem to believe that the software they develop in far more secure than it actually is. In the recently published ESG research report titled, Cyber Supply Chain Security Revisited, ESG asked 280 cybersecurity and IT professionals working at US-based critical infrastructure organizations how confident they were about their organizations’ internally-developed software (note : I am an ESG employee). Nearly half (47%) said they were “very confident” while another 43% were “somewhat confident.”

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page