Compiled at this year’s Infosecurity Europe 2010, the survey also unearthed that, amongst the 300 IT security professionals interviewed (with the majority taken from companies employing 1,000 plus employees), 31% admitted to being victims of hacking. More interestingly, with 29% replying ‘don’t know’, this figure could be substantially higher! The majority of respondents cited the application layer to be the hackers’ main target.
57% of the IT security profession also confer that the best way to check that their software applications are free of vulnerabilities and secure is to combine all available techniques and solutions, including code and static analysis, web application firewalls, application scanners and pen testing. Only 5% of the survey respondents we spoke to said their organisations didn’t employ technology for software security.
Commenting on these results, Barmak Meftah, Chief Products Officer at Fortify Software said, “It would appear organisations are frustrated with insecure off the shelf solutions, with many obviously feeling there are few alternatives, as they still purchase them. Given that companies have to make a huge investment in applications, whether off-the-shelf, outsourced or built in-house, it is paramount that they use proper procedures (as well as automatic software solutions) to test and strengthen these applications before deployment. On the subject of whether hackers can ever be described as having ‘good’ intentions, I’d rather be on the side of a hacker working to bring security vulnerabilities to my attention so that I can fix them before deploying an application that exposes my business to risk. ”
Of those in this survey that admitted to previous hacking knowledge and experience, 42% learnt in their twenties and 14% in their teens. Most people learnt to hack at work -- 29%; on the Internet, 26%; at University, 13%; and 8% gained their hacking skills whilst still at school and 8% used friends to help them hone their talent.
About Fortify Software :
Fortify's Software Security Assurance products and services protect companies from the threats posed by security flaws in business-critical software applications. Its software security suite—Fortify 360—drives down costs and security risks by automating key processes of developing and deploying secure applications. Fortify Software's customers include government agencies and FORTUNE 500 companies in a wide variety of industries, such as financial services, healthcare, e-commerce, telecommunications, publishing, insurance, systems integration and information management. The company is backed by world-class teams of software security experts and partners. More information is available at www.fortify.com, or visit our blog at blog.fortify.com. Find Fortify on Twitter: @Fortify
Press Contact :
Tel : +44 (0) 2071 832 832
Email : [email protected]