OPSWAT and F5 Survey Reveals Widespread Unpreparedness for Escalating Application Security Threats
83% of companies have not fully implemented defense-in-depth strategies, leaving them vulnerable to increasingly sophisticated cyberattacks
TAMPA, Fla., Sept. 4, 2024 /PRNewswire/ -- OPSWAT, a leader in critical infrastructure protection (CIP), has teamed with F5, the leading multicloud application security and delivery company, on a new survey with Dark Reading, highlighting significant industry concerns among IT and corporate leadership regarding their organization's preparedness to face escalating cyber threats. Many enterprises are challenged with the complexities of web application security, compliance issues, and the perceived lack of support from organizational leadership.
The survey, which included responses from IT and corporate leadership, reveals a worrying trend: Over the past year, 35% of respondents reported suffering a malware breach, 28% experienced credential theft or unauthorized account access, and 24% faced a security compromise involving a vendor, contractor, or other third party.
Other key findings from the survey include:
Challenges in Compliance with Various Regulatory Requirements: Many organizations struggle to maintain compliance with regulatory standards, with only 27% of respondents regularly referencing OWASP for web application security best practices. This contrasts with 53% referencing NIST and 37% referring to CISA guidelines.
Perceived Lack of Support from Leadership: IT leaders report feeling under-resourced, with the top concerns preventing them from feeling adequately prepared for security threats being budget shortages, inadequacies in staff training and technical partnerships, disparate security ecosystems and vendors, and a general lack of attention from top management.
Complexity of Web Application Security: The migration and deployment of cloud-hosted web applications have added significant complexity to web application security. For example, compliance remains challenging, particularly in adhering to OWASP requirements before and during production.
Lack of Preparedness for Escalating Attacks: A mere 25% of respondents feel their organizations are fully prepared to handle DDoS attacks, which have been on the rise globally. Preparedness for other threats such as Advanced Persistent Threats (APTs), botnets, API security issues, and zero-day malware is even lower.
Despite awareness of the necessary strategies, the report highlights a significant gap in implementation. While CISA recommends a defense-in-depth approach—utilizing multiple countermeasures in a layered manner, such as sandboxing, Content Disarm and Reconstruction (CDR), behavior analysis, vulnerability scanning, and security testing—only 17% of organizations have fully implemented these strategies. This leaves 83% of companies vulnerable, lacking the comprehensive, multi-layered security needed to defend against today's sophisticated threats.
"This report is a reminder that the industry is constantly engaged in a catch-up game with threat actors, with cycles of attacks and countermeasures," said George Prichici, VP of Products at OPSWAT. "As cyber threats evolve in complexity and scale, organizations must prioritize a multi-layered security approach. OPSWAT urges organizations to invest in advanced, prevention-based security technologies and ensure their teams are well-trained. In today's dynamic threat landscape, a comprehensive, layered approach to web application security is essential to protect critical infrastructure and safeguard sensitive data."
Download the full survey findings and learn how OPSWAT and F5 can assist in enhancing your organization's application security: https://info.opswat.com/why-multi-layered-defense-is-critical-in-application-security
About OPSWAT
For the last 20 years OPSWAT, a global leader in IT, OT, and ICS critical infrastructure cybersecurity, has continuously evolved an end-to-end solutions platform that gives public and private sector organizations and enterprises the critical advantage needed to protect their complex networks and ensure compliance. Empowered by a "Trust no file. Trust no device.™" philosophy, OPSWAT solves customers' challenges around the world with zero-trust solutions and patented technologies across every level of their infrastructure, securing their networks, data, and devices, and preventing known and unknown threats, zero-day attacks, and malware. Discover how OPSWAT protects the world's critical infrastructure and helps secure our way of life; visit www.opswat.com.
F5 is a trademark, service mark, or tradename of F5, Inc., in the U.S. and other countries. All other product and company names herein may be trademarks of their respective owners. The use of the words "partner," "partnership," or "joint" does not imply a legal partnership relationship between F5 and any other company.
Media Contact
Kat Lewis, VP of Global Marketing and Communications
+1.415.590.7300
[email protected]
SOURCE OPSWAT
WANT YOUR COMPANY'S NEWS FEATURED ON PRNEWSWIRE.COM?
Newsrooms &
Influencers
Digital Media
Outlets
Journalists
Opted In
Share this article