Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and achieve efficiency by upskilling and scaling citizen developers. Watch now.


According to a new study by Invicti Security, 70% of development teams always or frequently skip security steps due to time pressures when completing projects. This explains why, in the average organization, 33% of security issues in remediation at any given time come from production code.

Security and development teams spend every day inside a catch-22: relentless demand for continued digital innovation amid increasing security threats to a sprawling attack surface. While there are some bright spots emerging on the road to secure innovation, these professionals are stressed — and too often make bad choices.

The report by Invicti Security, “Application Security and the Innovation Imperative,” examines this pressure cooker and its impact on security practitioners, developers, and the executives who lead them. The report reveals the state of collaboration in the development sector today — pointing to areas that require further progress before security can become a required feature of innovation.

Fortunately, 86% of organizations have increased their focus on web application security in the past 12 months and are holding teams accountable for it, with developers and security in 57% of organizations held accountable to the same security KPIs. This culture shift is yielding results: 41% of security and development pros describe their relationships as like family (with a shared passion for security and working as one team), and another 36% said they are like “besties,” collaborating often to address security issues.

Event

Intelligent Security Summit

Learn the critical role of AI & ML in cybersecurity and industry specific case studies on December 8. Register for your free pass today.

Register Now

However, innovation priorities still outweigh security for most organizations. Only 20% of organizations have fully integrated security into development, leaving a large portion that keeps security teams siloed and devs and security at cross-purposes. While companies recognize the urgency of web app security, and security and devs want to collaborate deeply, executives need to continue to drive culture change to make secure innovation a reality.

Invicti Security surveyed 600 executives and practitioners spanning security, development, and DevOps.

Read the full report by Invicti Security.

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.