"Nearly three-quarters of organizations have suffered at least one security breach or incident in the last year that can be blamed on insecure coding practices. Analysis from SecureFlag found 74% of organizations have suffered an incident as a result of dodgy code, with nearly half of those hit by multiple breaches. The report comes as AI is beginning to take over some coding duties from developers. Debate remains over whether that code is secure."
"It wasn't all bad news, however. The report revealed that companies are ramping up developer security training as a result of lingering issues. Nearly half (44%) said they offer training updates on a quarterly basis, while 29% offer fresh training schemes monthly. The report said this shows enterprises are conscious of the risks associated with insecure code and are taking proactive steps to mitigate risks. Indeed, nine-in-ten said they were formally assessing their development teams' secure coding skills."
74% of organizations suffered at least one security breach or incident in the last year attributable to insecure coding practices, with nearly half experiencing multiple breaches. AI is increasingly taking over some coding duties, creating debate about the security of AI-generated code and concerns that insecure patterns could be replicated by AI. Enterprises are increasing developer security training, with 44% providing quarterly updates and 29% monthly, and 90% formally assessing secure coding skills. Popular training formats include video tutorials (46%), eLearning (42%), classes, interactive labs, and capture-the-flag exercises. Measuring ROI (40%) and a lack of useful content remain key challenges.
Read at IT Pro
Unable to calculate read time
Collection
[
|
...
]