Security staff in global businesses don’t have much of an influence when it comes to budgeting and developing secure applications, according to a new report from cybersecurity firm Radware.
As a result, businesses are having a hard time maintaining consistent application security across multiple platforms and API security is now the biggest threat to enterprises, the report claims.
Polling 205 decision-makers from businesses with at least 1,000 employees, Radware found that security staff are not the primary influencer of application development architecture or budget in the vast majority (90 percent) of cases.
As a result, just over a third (36 percent) of mobile apps have security fully integrated, with four in ten saying the majority of their apps are exposed to the internet or third-party services through APIs.
More than half of businesses experience DoS attacks against their APIs at least once a month, while 49 percent suffer an injection attack in the same timeframe. More than four in ten (42 percent), meanwhile suffer at least one element/attribute manipulation per month.
“With 2020’s rapid cloud migration, we were surprised to see the pervasiveness across organizations of dangerous levels of insecurity in mobile and cloud-based apps, as well as APIs,” said Michael Osterman of Osterman Research, who participated in the making of the report.