CISOs See Software Supply Chain Security As Bigger Blind Spot Than GenAI: Cycode

PRESS RELEASE. SAN FRANCISCO, Dec. 06, 2023 - Cycode, the leader in Application Security Posture Management, today announced the inaugural State of ASPM 2024 report, the industry's first.
The research found that AppSec chaos reigns, with 78% of CISOs responding that today's AppSec attack surfaces are unmanageable and 90% of responders confirmed relationships between their security and development teams need to improve.
Surprisingly, 77% of CISOs believe software supply chain security is a bigger blind spot for AppSec than Gen AI or open source.
The State of ASPM 2024 report was compiled from a survey of 500 U.S. CISOs, AppSec Directors and DevSecOps team members.
Prioritization of AppSec risks and activities are a significant problem for most organizations as highlighted in the State of ASPM research.
The vast majority of CISOs acknowledge dev teams suffer from vulnerability noise and alert fatigue, which strains the relationship between security and dev teams.
88% acknowledge that because of alert fatigue developers are not focused on remediating critical vulnerabilities, which increases the potential for a security breach and puts the business at risk.
Only 21% of respondents believe that both security and development are equally responsible for application security, confirming that many security professionals question whether application security is a team sport.
An overwhelming 77% majority said that understanding who owns application security is challenging, indicating that more clarity is needed about who is responsible for AppSec in most organizations.
The report also shows that alert fatigue is not the only cause of the souring relationship between security and development teams.
A staggering 75% of security professionals struggle with the complexity of managing multiple security tools.
92% of CISOs confirmed they are looking to consolidate their AppSec tools into a single platform in the next 12 months.
This comes straight off the heels of Cycode's announcement of an expanded, complete approach to ASPM that enables security and development teams to manage the burden, cost and inefficiencies of having too many siloed security tools from code to cloud - which brings order to better maintain strong application security posture.
The capstone on Cycode's complete ASPM solution was its recent ConnectorX announcement, a click and connect 3rd party ASPM integration platform that provides companies with the choice to use Cycode's native ASPM tools or maximize their investments in their existing AppSec tools.
Using ConnectorX, companies can plug in any AppSec solution and within minutes, gain accurate, real-time visibility into their security posture.
Combined with significant enhancements to its Risk Intelligence Graph for smarter, risk-based prioritization, Cycode delivers the capabilities needed for a complete approach to ASPM, enabling security and development teams to align, build trust and collaborate on maintaining strong application security posture.
Information on Cycode's complete approach to Application Security Posture Management is available online, or book a demo of Cycode's ASPM platform.
Cycode is the leading Application Security Posture Management providing Peace of Mind.
Its complete ASPM platform scales and standardizes developer security without slowing down the business.
With Cycode's complete ASPM, security teams can eliminate context switching, amplify visibility, prioritize and eliminate risk to ensure end-to-end code to cloud coverage, leaving no room for attacks to go unnoticed.


This Cyber News was published on www.darkreading.com. Publication date: Thu, 07 Dec 2023 23:30:06 +0000


Cyber News related to CISOs See Software Supply Chain Security As Bigger Blind Spot Than GenAI: Cycode

CISOs See Software Supply Chain Security As Bigger Blind Spot Than GenAI: Cycode - PRESS RELEASE. SAN FRANCISCO, Dec. 06, 2023 - Cycode, the leader in Application Security Posture Management, today announced the inaugural State of ASPM 2024 report, the industry's first. The research found that AppSec chaos reigns, with 78% of CISOs ...
11 months ago Darkreading.com
Software Supply Chain Security Checklist - In the ever-evolving landscape of digital innovation, the integrity of software supply chains has become a pivotal cornerstone for organizational security. Software supply chain security is not just about protecting code - it's about safeguarding the ...
9 months ago Feeds.dzone.com
Aim Security Raises $10M to Secure Generative AI Enterprise Adoption - PRESS RELEASE. TEL AVIV, Israel-(BUSINESS WIRE)-Aim Security, an Israeli cybersecurity startup offering enterprises a holistic, one-stop shop GenAI security platform, today announced $10 million in seed funding. Aim Security was founded by ...
9 months ago Darkreading.com
Flow Security Launches GenAI DLP - PRESS RELEASE. TEL AVIV, Israel, Nov. 30, 2023 /PRNewswire/ - Flow Security, the pioneering Data Security Lifecycle Platform, announced today its extension to GenAI Security with the launch of a new GenAI DLP module. This move makes Flow Security the ...
11 months ago Darkreading.com
New "MITRE ATT&CK-like" framework outlines software supply chain attack TTPs - A new open framework seeks to outline a comprehensive and actionable way for businesses and security teams to understand attacker behaviors and techniques specifically impacting the software supply chain. The Open Software Supply Chain Attack ...
1 year ago Csoonline.com
Proofpoint's CISO 2024 Report: Top Challenges Include Human Error & Risk - In Proofpoint's 2024 Voice of the CISO report, the cybersecurity company found that CISOs are dealing with people-centric threats more than ever. Plus, cybersecurity budgets often don't change, and AI can help and hurt CISOs' efforts. Regarding the ...
5 months ago Techrepublic.com
CISOs Reconsider Their Roles in Response to GenAI Integration - Chief information security officers face mounting pressure as cyberattacks surge and complexities surrounding the implementation of GenAI and AI technologies emerge. The vast majority - 92% - of the 500 CISOs surveyed by Trellix admitted they are ...
6 months ago Securityboulevard.com
Human error still perceived as the Achilles' heel of cybersecurity - While fears of cyber attacks continue to rise, CISOs demonstrate increasing confidence in their ability to defend against these threats, reflecting a significant shift in the cybersecurity landscape, according to Proofpoint. CISOs' confidence is ...
5 months ago Helpnetsecurity.com
Akto Launches Proactive GenAI Security Testing Solution - With the increasing reliance on GenAI models and Language Learning Models like ChatGPT, the need for robust security measures have become paramount. Akto, a leading API Security company, is proud to announce the launch of its revolutionary GenAI ...
9 months ago Darkreading.com
AI Market Research: The Pivotal Role of Generative AI in Cyber Security - What researchers are learning about GenAI and cyber security. Pair AI with cyber security and the possibilities are staggering. For many security professionals, it's a foregone conclusion that incorporating intelligence into cyber security will ...
5 months ago Blog.checkpoint.com
GenAI Regulation: Why It Isn't One Size Fits All - With President Biden calling on Congress to pass bipartisan data privacy legislation to accelerate the development and use of privacy-centric techniques for the data that is training AI, it's important to remember that excessive regulation can stifle ...
8 months ago Cybersecurity-insiders.com
How the Evolving Role of the CISO Impacts Cybersecurity Startups - It helps startups striving to meet the ever-evolving needs of CISOs, who are simultaneously seeking the elusive but paramount buy-in from business users and executives. The CISO role has evolved dramatically in the past few years in response to ...
11 months ago Darkreading.com
Security tools fail to translate risks for executives - Organizations are struggling with internal communication barriers, which hinder their ability to address cybersecurity threats, according to Dynatrace. The results indicate that CISOs encounter challenges in aligning security teams with the C-suite, ...
6 months ago Helpnetsecurity.com
What do CISOs need to know about API security in 2024? - According to Postman's 2023 State of the API Report, roughly 66% of participants indicated that their APIs contribute to generating revenue. A recent ESG survey on API security showed that 92% of organisations using APIs have experienced a breach in ...
10 months ago Cybersecurity-insiders.com
3 Tips for Becoming the Champion of Your Organization's AI Committee - As organizations get a handle on how AI can benefit their specific offerings, and while they try to ascertain the risks inherent in AI adoption, many forward-thinking companies have already set up dedicated AI stakeholders within their organization ...
6 months ago Darkreading.com
Cisco Motific reduces GenAI security, trust, and compliance risks - Cisco announced Motific, Cisco's SaaS product that allows for trustworthy GenAI deployments in organizations. Born from Outshift, Cisco's incubation business, Motific provides a central view across the entire GenAI journey, empowering central IT and ...
9 months ago Helpnetsecurity.com
Overtaxed State CISOs Struggle with Budgeting, Staffing - Though the number of scarily understaffed offices has dropped — just two respondents reported having one to five full-time employees, down from six in 2022 — more than half of state CISOs report that their staff lack the competencies necessary to ...
1 month ago Darkreading.com
New Survey Finds a Paradox of Confidence in Software Supply Chain Security - Get results of and analysis on ESG's new survey on supply chain security. New research reveals that, despite increasing attacks and incidents against software supply chains, a surprising number of firms believe their defense is sufficient. This gap ...
6 months ago Securityboulevard.com
Soft Skills Every CISO Needs to Inspire Better Boardroom Relationships - In a recent survey of CISOs, 86% of respondents said the role has changed so much that it's almost become a different job altogether from what it once was. In addition to their traditional responsibility of defending organizations from an ...
11 months ago Darkreading.com
The New CISO: Rethinking the Role - Dating back to the 1990s, the role of CISO was more technical and IT-focused. CISOs face more risks than can be resolved, are expected to balance security with operational capability, and must convince leaders to invest in protection. Today, CISOs ...
8 months ago Darkreading.com
Navigating the New Age of Cybersecurity Enforcement - Many equate this move as akin to a bomb going off for people working in the CISO role. CISOs are now faced with unprecedented potential liability risks, prompting the need for a proactive approach to legal exposure for security executives. To shed ...
10 months ago Darkreading.com
11 GenAI cybersecurity surveys you should read - Generative AI stands at the forefront of technological innovation, reshaping industries and unlocking new possibilities across various domains. As the integration of these technologies continues, a vigilant approach to ethical considerations and ...
10 months ago Helpnetsecurity.com
CISO Corner: Deep Dive Into SecOps, Insurance, & CISOs' Evolving Role - Welcome to CISO Corner, Dark Reading's weekly digest of articles tailored specifically to security operations readers and security leaders. We're committed to bringing you a diverse set of perspectives to support the job of operationalizing ...
9 months ago Darkreading.com
Is an open-source AI vulnerability next? - Applications developed within open-source communities often face more significant security challenges because they are free and widely available, supported by volunteers, and because of other considerations. Even if a major open-source AI project ...
6 months ago Helpnetsecurity.com
Mastering SDLC Security: Best Practices, DevSecOps, and Threat Modeling - In the ever-evolving landscape of software development, it's become absolutely paramount to ensure robust security measures throughout the Software Development Lifecycle. Each of these have illuminated different vulnerabilities that can be exploited ...
11 months ago Securityboulevard.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)