"50% of Financial Orgs Have High-Severity Security Flaws in Their Apps"

According to security researchers at Veracode, security debt, flaws that remain unfixed for longer than a year, exists in 76% of organizations in the financial services sector, with 50% of organizations carrying critical security debt.  During the study, researchers found that 40% of all applications in the financial sector have security debt, which is slightly better than the cross-industry average of 42%.  In addition, just 5.5% of financial sector applications are flaw-free, compared to 5.9% across other industries.  While slightly fewer financial sector applications have security debt, they accumulate more of it.  The researchers noted that there is a need for financial services organizations to address security debt in both first-party and third-party code.  Many (84%) of security debt affects first-party code, but 78.6% of critical security debt comes from third-party dependencies.  

Help Net Security reports: "50% of Financial Orgs Have High-Severity Security Flaws in Their Apps"