84% of UK technologists admit that the rush to rapidly innovate and respond to the changing needs of customers and users has come at the expense of robust application security during software development, according to new Cisco AppDynamics research, “The shift to a security approach for the full application stack.”
The research reveals that 83% of technologists working with the UK report that their organization has experienced an expansion in its attack surfaces over the last two years. As IT teams have accelerated release velocity and built more dynamic applications across more platforms, application security hasn’t kept pace. And 50% of technologists admit that their organization often ends up in “security limbo” because they don’t know what to focus on and prioritize.
However, organizations are now looking ahead and are willing to break down the silos within the IT department and bridging the gap between IT operations and security. 34% of UK technologists have already started taking a DevSecOps approach, however, 51% are currently considering making the shift.
The shift to a security approach for the full application stack” research was conducted between July and August 2022 and includes finding from 1,150 IT professionals interviewed across 13 markets worldwide, including the UK.
Key UK-specific takeaways from the report include:
Top UK applications security challenges for 2023 include: Contextualizing security so they can correlate risk and prioritise fixes based on potential impacts and lack of visibility into attack surfaces
72% of UK technologists report that a lack of application security skills and resources is now an issue for their organisations
69% feel that their organisation is vulnerable to a multi-staged security attack over the next 12 months
88% believe that it’s important to be able to contextualize security
More than a third (34%) of UK technologists report that their ITOps teams only collaborate with security teams when there is a potential issue if at all
72% of UK technologists state that the implementation of a security approach for the full application stack is now a priority for their organisation