According to a report recently released by Invicti, the majority of business projects are completed without taking all the necessary security steps. This information comes from the Invicti AppSec Indicator, Fall 2021 Edition report based on a survey of 600 executives and hands-on practitioners across security, development and DevOps. The report revealed how organizations often forgo crucial security protocols to focus on other pressing business matters.
Invicti’s research found that companies are not taking the proper steps to follow security steps due to tight schedules and pressures to innovate. 70 percent of respondents to the survey answered that they either frequently or always complete projects without taking every security step. The result is that one in three issues under remediation make it to production without being caught in the development or test stages.
Security practitioners see the problem, but aren’t able to take enough time to eliminate the issue. According to the respondents, it would take two weeks per security team member on average to address every cybersecurity issue present, and that’s only if they worked on nothing else. 78 percent are forced to perform manual verification of vulnerabilities at least frequently, with respondents calling for increased automation and integrations.
In the company’s press release, Invicti’s President and COO Mark Ralls stated: “While there is a growing recognition that security must be a core element of innovation, organizations continue to struggle to achieve that vision. It’s on leaders to set the tone from the top down and drive culture shifts that increase emphasis on security while equipping teams with the powerful tools and workflows they need to make secure innovation a reality.”
Download your copy of the Invicti AppSec Indicator, Fall 2021 Edition report here.