During the Covid-19 pandemic, businesses were rushing to digitally transform and innovate their operations as quickly as possible. While this opened many new doors and generated exciting new business opportunities - it came at a great cost - the compromise of their cybersecurity posture, new research has claimed.
A report from Cisco AppDynamics has claimed while the speed of application development increased exponentially over the last two years, apps have become an “increasingly vulnerable asset.”
“The sheer volume of applications and their assets spread across multiple entities has made monitoring security throughout the DevOps pipeline extremely challenging,” the paper concludes.
Lack of visibility
Based on interviews with 1,150 IT professionals in organizations with at least $500 million in yearly turnover, located in 13 markets and various industries, the report claims businesses in all sectors reported feeling more exposed to security threats.
Today, 89% of technologists agree their organization experienced an expansion in its attack surface in the last two years. For almost half (46%), this is already presenting various challenges.
These challenges, all in relation to application security, include a lack of visibility into attack surfaces and vulnerabilities, keeping pace with a constantly evolving threat landscape, as well as the need to prioritize application development speed over operations and security.
For four in five (81%) technologists, a lack of application security skills and resources is now an issue, and for 78%, the lack of shared vision between app development and security teams is turning into a real application security issue. Consequently, 58% admitted their organization often falling into “security limbo” as they are unclear on what to prioritize and focus on.
Finally, for 93% of technologists, the ability to contextualize security so that they can correlate risk in relation to other key areas (think app performance, end-user experience, or business metrics), is pivotal.
- These are the best endpoint protection tools right now