Customer-facing web applications are the biggest security challenge: survey
- Published: Friday, 25 August 2017 09:22
Synopsys, Inc. has published the results of a survey of 270 IT security professionals, which found that almost half (48 percent) viewed customer-facing web applications as the area presenting the most security risk to businesses. This is in contrast to 23 percent who identified mobile applications and 18 percent who suggested desktop applications presented the biggest risk.
Andreas Kuehlmann, senior vice president and general manager at Synopsys, does not find this surprising, saying: “The level of customer information necessary to make web applications possible means these applications can be particularly vulnerable to attacks, so adding security into the software development lifecycle and supply chain is a critical requirement for businesses. The findings of the survey demonstrate that companies need to not only focus on building user-friendly web applications, but also ensure the most powerful tools and services are being used to detect and eliminate vulnerabilities in these applications.”
The most common security attacks on customer-facing web applications, from sales portals to instant messaging services, include SQL Injections, Cross-site Scripting (XSS), Remote Command Execution, and Path Traversal, which can all cause serious damage to businesses and users alike.
Other key findings of the survey include:
- 54 percent of those surveyed said that “protecting customer data” within these applications represents the top security concern;
- Aside from the technical challenges in securing customer-facing web applications, 41 percent of those surveyed felt that a lack of skilled security personnel or training was the biggest challenge, reflective of the cybersecurity skills gap across the globe;
- 84 percent of respondents indicated that they have a strategy in place in the event of a security incident. Only 12 percent said they didn’t and 4 percent suggested they didn’t know.