Mobile App Security Weak: Report

Friday, March 27, 2015 @ 04:03 PM gHale


Nearly 40 percent of large companies are not taking necessary precautions to secure the apps they are providing end users, a new report said.

The State of Mobile Application Insecurity report came together from analyzing over 400 large companies.

RELATED STORIES
Zero Days Galore
Incidents Down; APTs on Rise
Security: A Presidential Mandate
Malware Focuses on U.S. Attacks

In addition, not only are 40 percent of large companies not scanning their apps for vulnerabilities, a company will on average test less than half of their apps for security flaws, according to the State of Mobile Application Insecurity report from IBM/Ponemon.

The reason for low security levels all comes down to putting the user experience ahead of security, with 65 percent of respondents saying customer demand or need beats security as a priority.

Even more common is the need to rush a release to meet a deadline due to internal pressures, with 77 percent of those surveyed highlighting this demand as a reason why mobile apps could contain vulnerable code.

Budgets for mobile development is sizable, as organizations on average spent around $34 million on mobile app development, but just 5.5 percent is finding its way toward security.

“It’s just an indicator that we have a problem, a risk issue that isn’t necessarily being met, at least not with respect to training and awareness,” said Larry Ponemon, chairman and the founder of The Ponemon Institute.

Benefits to products come from designing security in from the beginning, not bolting it on at the end. When that happens, security fixes end up inevitable.

Click here to register for the report.



Leave a Reply

You must be logged in to post a comment.