78% of CISOs Concerned About AppSec Manageability

A substantial 78% of CISOs have expressed concerns about the current unmanageability of application security attack surfaces, emphasizing the need for improvement.
The figure comes from Application Security Posture Management firm Cycode's inaugural The State of ASPM 2024 report.
The research, drawn from a survey of 500 US CISOs, AppSec Directors and DevSecOps team members, underscores the existing challenges in AppSec.
The report revealed a significant issue concerning strained relationships between security and development teams, with 90% of respondents recognizing the need for improvement.
Interestingly, 77% of CISOs perceive software supply chain security as a more substantial blind spot for AppSec than emerging technologies like generative AI or open source.
A notable challenge highlighted in the research is the prioritization of AppSec risks and activities.
An alarming 85% of CISOs acknowledge that development teams grapple with vulnerability noise and alert fatigue, hindering collaboration.
This alert fatigue, recognized by 88% of respondents, also results in developers neglecting critical vulnerability remediation, posing a significant security risk.
The report emphasized the ambiguity surrounding application security responsibilities within organizations.
A substantial 77% of respondents find it challenging to determine ownership of application security, indicating the need for greater clarity in this domain.
Addressing the multifaceted issues contributing to strained relationships, the report notes that managing multiple security tools poses a challenge for 75% of security professionals due to their inherent complexity.
More information about securing AI and the software supply chain is available in this analysis by Sonatype developer advocate Dan Conn..


This Cyber News was published on www.infosecurity-magazine.com. Publication date: Wed, 06 Dec 2023 17:00:29 +0000


Cyber News related to 78% of CISOs Concerned About AppSec Manageability

Proofpoint's CISO 2024 Report: Top Challenges Include Human Error & Risk - In Proofpoint's 2024 Voice of the CISO report, the cybersecurity company found that CISOs are dealing with people-centric threats more than ever. Plus, cybersecurity budgets often don't change, and AI can help and hurt CISOs' efforts. Regarding the ...
6 months ago Techrepublic.com
Human error still perceived as the Achilles' heel of cybersecurity - While fears of cyber attacks continue to rise, CISOs demonstrate increasing confidence in their ability to defend against these threats, reflecting a significant shift in the cybersecurity landscape, according to Proofpoint. CISOs' confidence is ...
6 months ago Helpnetsecurity.com
CISOs See Software Supply Chain Security As Bigger Blind Spot Than GenAI: Cycode - PRESS RELEASE. SAN FRANCISCO, Dec. 06, 2023 - Cycode, the leader in Application Security Posture Management, today announced the inaugural State of ASPM 2024 report, the industry's first. The research found that AppSec chaos reigns, with 78% of CISOs ...
11 months ago Darkreading.com
Alert fatigue puts pressure on security and development teams - Security practitioners are under a tremendous amount of pressure to secure today's applications, according to Cycode. The research found that AppSec chaos reigns, with 78% of CISOs responding that today's AppSec attack surfaces are unmanageable and ...
11 months ago Helpnetsecurity.com
How the Evolving Role of the CISO Impacts Cybersecurity Startups - It helps startups striving to meet the ever-evolving needs of CISOs, who are simultaneously seeking the elusive but paramount buy-in from business users and executives. The CISO role has evolved dramatically in the past few years in response to ...
1 year ago Darkreading.com
Security tools fail to translate risks for executives - Organizations are struggling with internal communication barriers, which hinder their ability to address cybersecurity threats, according to Dynatrace. The results indicate that CISOs encounter challenges in aligning security teams with the C-suite, ...
6 months ago Helpnetsecurity.com
78% of CISOs Concerned About AppSec Manageability - A substantial 78% of CISOs have expressed concerns about the current unmanageability of application security attack surfaces, emphasizing the need for improvement. The figure comes from Application Security Posture Management firm Cycode's inaugural ...
11 months ago Infosecurity-magazine.com
The New CISO: Rethinking the Role - Dating back to the 1990s, the role of CISO was more technical and IT-focused. CISOs face more risks than can be resolved, are expected to balance security with operational capability, and must convince leaders to invest in protection. Today, CISOs ...
8 months ago Darkreading.com
Soft Skills Every CISO Needs to Inspire Better Boardroom Relationships - In a recent survey of CISOs, 86% of respondents said the role has changed so much that it's almost become a different job altogether from what it once was. In addition to their traditional responsibility of defending organizations from an ...
11 months ago Darkreading.com
Overtaxed State CISOs Struggle with Budgeting, Staffing - Though the number of scarily understaffed offices has dropped — just two respondents reported having one to five full-time employees, down from six in 2022 — more than half of state CISOs report that their staff lack the competencies necessary to ...
2 months ago Darkreading.com
What do CISOs need to know about API security in 2024? - According to Postman's 2023 State of the API Report, roughly 66% of participants indicated that their APIs contribute to generating revenue. A recent ESG survey on API security showed that 92% of organisations using APIs have experienced a breach in ...
11 months ago Cybersecurity-insiders.com
Navigating the New Age of Cybersecurity Enforcement - Many equate this move as akin to a bomb going off for people working in the CISO role. CISOs are now faced with unprecedented potential liability risks, prompting the need for a proactive approach to legal exposure for security executives. To shed ...
10 months ago Darkreading.com
Why CISOs and CIOs Should Work Together More Closely - Although there are overlaps in the goals and responsibilities of the CIO and the CISO, there are also challenges that get in the way of a more cohesive relationship, including reporting lines, organizational structures, budgets, and risk appetites. A ...
11 months ago Feedpress.me
What CISOs Need to Know About Data Privacy in 2024 - While consumers continue to demand stronger personal data protections, companies are scrambling to keep track of an ever-evolving patchwork of applicable laws and regulations. In this environment, cybersecurity professionals need to understand the ...
10 months ago Cybersecurity-insiders.com
Developers behaving badly: Why holistic AppSec is key - A recent survey shows that untested software releases, rampant pushing of unvetted and uncontrolled AI-derived code, and bad developer security are all culminating to seriously expand security risks across software development. Add in the explosion ...
11 months ago Securityboulevard.com
How CISOs Can Secure High-Level Executives: Keys to Consider - Securing high-level executives is a difficult task for CISOs for a number of reasons. Executives often have access to a large amount of sensitive data and play a critical role in an organization’s success, so protecting them from cyber threats is ...
1 year ago Csoonline.com
CISOs Reconsider Their Roles in Response to GenAI Integration - Chief information security officers face mounting pressure as cyberattacks surge and complexities surrounding the implementation of GenAI and AI technologies emerge. The vast majority - 92% - of the 500 CISOs surveyed by Trellix admitted they are ...
6 months ago Securityboulevard.com
Fewer cybersecurity professionals losing their jobs in breach 'blame' game - Cybersecurity job loss after a major incident is becoming less likely as organizations drop the "Blame" game for more practical approaches to breach prevention, a survey of 500 CISOs shows. More than 95% of CISOs reported their teams received greater ...
1 year ago Scmagazine.com
Top 3 Priorities for CISOs in 2024 - As the new year begins, CISOs gather with their security teams and corporate management to scope out top priorities for 2024 and how to address these issues. This year - with a multitude of new privacy laws, Securities and Exchange Commission ...
10 months ago Darkreading.com
Change From Within: 3 Cybersecurity Transformation Traps for CISOs to Avoid - Whether they're earned or not, there are certain stigmas associated with chief information security officers: They work in isolation, with only a vague sense of how various departments contribute to the organization's greater good. Does this describe ...
1 year ago Darkreading.com
How to Minimize Friction in the Cyber Compliance Certification - Certification has always been a great way for companies to establish trust with their customers. While there's certainly an argument to be made that certification doesn't necessarily make your company more secure, today's buyers need to know that ...
11 months ago Cybersecuritynews.com
The CISO Role Is Changing. Can CISOs Themselves Keep Up? - The role of chief information security officer has expanded in the past decade thanks to rapid digital transformation. Now CISOs have to be far more business-oriented, wear many more hats, and communicate effectively with board members, employees, ...
8 months ago Darkreading.com
CISOs Growing More Comfortable With Risk, But Better C-Suite Alignment Needed - PRESS RELEASE. SANTA CLARA, Calif., June 25, 2024 /PRNewswire/ - Netskope, a leader in Secure Access Service Edge, today published new global research that finds that shifts in the cyber threats landscape have changed the way today's Chief ...
5 months ago Darkreading.com
Legit Posture Score empowers security teams to measure and manage their AppSec posture - Help Net Security - This new feature further enhances the Legit ASPM platform, providing security and development teams with the ability to measure, compare, and improve their application security posture over time, ensuring their software factories and applications in ...
2 months ago Helpnetsecurity.com
What Do CISOs Have to Do to Meet New SEC Regulations? - Ilona Cohen, Chief Legal and Policy Officer, HackerOne: It is never an easy time to be a chief information security officer, but the past few months have felt particularly challenging. The recent charges from the US Security and Exchange Commission ...
11 months ago Darkreading.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)