"Three-Quarters of CISOs Admit App Security Incidents"

According to security researchers at Dynatrace, three-quarters (72%) of global CISOs have experienced an application security incident in the past two years, causing lost revenue and market share. The researchers polled 1300 CISOs and a handful of CEOs and CFOs to compile their latest report, "The State of Application Security in 2024." The researchers found that app security incidents, in many cases, led to lost revenue (47%), regulatory fines (36%), and lost market share (28%). Most respondents traced the problem back in part to poor CISO-board alignment, with 87% of CISOs claiming application security is a blind spot at the CEO and board level. The researchers noted that there appear to be multiple factors at play here. Some 70% of C-suite executives polled said security teams talk too much in technical terms without providing business context, while 75% of CISOs said security tools can't generate insights the CEO and board can use to understand business risk. The researchers also found that CISOs are also worried about the growing role AI could play in undermining application security. Over half (52%) of those polled said they are concerned about the potential for the technology to empower cybercriminals, enabling them to create new exploits faster and execute them on a broader scale. A slightly smaller share (45%) complained that AI could enable developers to accelerate the delivery of software without proper oversight, increasing the likelihood of buggy code making it into production.

Infosecurity Magazine reports: "Three-Quarters of CISOs Admit App Security Incidents"