"Organizations Moving Toward More Rigorous Security Testing to Ensure Compliance"
The 2020 State of Compliance and Security Testing Report released by Synack highlights results from a survey in which 311 North American organizations shared information about their security compliance testing. The results gave insight into the challenges faced by organizations in their efforts to ensure that their business assets comply with security standards. According to the report, the expense of security testing is a major challenge for organizations as they incur costs from test activity, remediation, efficient scaling, false positives, the integration with DevOps processes, and more. Other challenges include scheduling security tests, managing testers, ensuring effective testing, and the time it takes to conduct such tests. The survey also found that most organizations are spending 20 hours or less on security testing, perhaps due to limited budgets and small teams. However, as cyber incidents continue to grow in frequency and complexity, organizations will have to implement continuous security testing solutions that require 1500-2000 hours a year. This article continues to discuss key findings from Synack's report in regard to the common challenges and current trends in security testing.