Application Security Programs On the Rise, Skills Lacking: A SANS Survey

  • Wednesday, 12 Feb 2014 1:00PM EST (12 Feb 2014 18:00 UTC)
  • Speakers: Will Bechtel, Frank Kim, Erik Peterson, Ryan English

Learn what 488 IT professionals have to say in the 2014 Application SecurityPrograms and Practices survey. Results indicate an increase in number oforganizations with a formal application security program in place. Approximately83% of respondents (up from 66%) have an Appsec program in place, and more than37% (up from 33%) have a program that has been operating for more than five years.

In the survey, more than 35% of respondents test the security of theirbusiness-critical applications on an ongoing basis, up from 23% in last year'ssurvey. And, encouragingly, only a small percentage (fewer than 3%) of respondents left application security to chance and did not test at all.

The survey also found that a lack of qualified staff and lack of skills are seen as the major inhibitors to instituting Appsec programs. Learn these and other valuable and surprising insights into the challenges that organizations face today in implementing a successful Appsec program. Hint: It's not only funding and getting management buy-in. There are other, more fundamental problems that are preventing people from taking care of security where it makes the most difference, particularly upfront in design and development.

Click here to view the associated whitepaper.