Dr. Al-Rabeeah: 170 countries benefited from $133 billion aid from Saudi Arabia "Humanitarian efforts strained by increasing crises, funding shortages, and access challenges"    Questions raised over Portugal's capacity to host Europe's largest annual tech event    Delhi shuts all primary schools as hazardous smog worsens    Sri Lankan leader seeks big majority in snap election    'Major supplier' of people-smuggling boats arrested    Sudan death toll far higher than previously reported — study    Riyadh lights up as Celine Dion and Jennifer Lopez dazzle at Elie Saab's 45th-anniversary celebration    Public Security chief launches digital vehicle plate wallet service    Pop hit APT too distracting for South Korea's exam-stressed students    'Action is in our nature': 4th Saudi Green Initiative Forum to be held at COP16    Saudi Arabia's inflation rate hits 1.9% in October, the highest in 14 months    Mohammed Al-Habib Real Estate Co. sets Guinness World Record with largest continuous concrete pour    Australia and Saudi Arabia settle for goalless draw in AFC Asian Qualifiers    PIF completes largest-ever accelerated bookbuild offering in MENA region    Order vs. Morality: Lessons from New York's 1977 Blackout    South Korean actor Song Jae Lim found dead at 39    Don't sit on the toilet for more than 10 minutes, doctors warn    'Marvels of Saudi Orchestra' to dazzle audience in Tokyo on Nov. 22    Saudi Champion Saeed Al-Mouri scores notable feat in Radical World Championship in Abu Dhabi with support from Bin-Shihon Group    France to deploy 4,000 police officers for UEFA Nations League match against Israel    Al Nassr edges past Al Riyadh with Mane's goal to move up to third    India puts blockbuster Pakistani film on hold    The Vikings and the Islamic world    Filipino pilgrim's incredible evolution from an enemy of Islam to its staunch advocate    Exotic Taif Roses Simulation Performed at Taif Rose Festival    Asian shares mixed Tuesday    Weather Forecast for Tuesday    Saudi Tourism Authority Participates in Arabian Travel Market Exhibition in Dubai    Minister of Industry Announces 50 Investment Opportunities Worth over SAR 96 Billion in Machinery, Equipment Sector    HRH Crown Prince Offers Condolences to Crown Prince of Kuwait on Death of Sheikh Fawaz Salman Abdullah Al-Ali Al-Malek Al-Sabah    HRH Crown Prince Congratulates Santiago Peña on Winning Presidential Election in Paraguay    SDAIA Launches 1st Phase of 'Elevate Program' to Train 1,000 Women on Data, AI    41 Saudi Citizens and 171 Others from Brotherly and Friendly Countries Arrive in Saudi Arabia from Sudan    Saudi Arabia Hosts 1st Meeting of Arab Authorities Controlling Medicines    General Directorate of Narcotics Control Foils Attempt to Smuggle over 5 Million Amphetamine Pills    NAVI Javelins Crowned as Champions of Women's Counter-Strike: Global Offensive (CS:GO) Competitions    Saudi Karate Team Wins Four Medals in World Youth League Championship    Third Edition of FIFA Forward Program Kicks off in Riyadh    Evacuated from Sudan, 187 Nationals from Several Countries Arrive in Jeddah    SPA Documents Thajjud Prayer at Prophet's Mosque in Madinah    SFDA Recommends to Test Blood Sugar at Home Two or Three Hours after Meals    SFDA Offers Various Recommendations for Safe Food Frying    SFDA Provides Five Tips for Using Home Blood Pressure Monitor    SFDA: Instant Soup Contains Large Amounts of Salt    Mawani: New shipping service to connect Jubail Commercial Port to 11 global ports    Custodian of the Two Holy Mosques Delivers Speech to Pilgrims, Citizens, Residents and Muslims around the World    Sheikh Al-Issa in Arafah's Sermon: Allaah Blessed You by Making It Easy for You to Carry out This Obligation. Thus, Ensure Following the Guidance of Your Prophet    Custodian of the Two Holy Mosques addresses citizens and all Muslims on the occasion of the Holy month of Ramadan    







Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.



Saudi businesses urged to put application security at heart of 2030 Vision plans
The Saudi Gazette Published in The Saudi Gazette on 18 - 10 - 2016

F5 Networks on Tuesday urged Saudi businesses to put application security at the heart of plans to support the Kingdom's tech-driven and transformative 2030 Vision.
The global application security specialist highlighted the pitfalls and opportunities for business-leaders as it revealed findings from its first Annual State of Application Security report, which was conducted in partnership with the Ponemon Institute.
"The proliferation of cutting-edge technology in Saudi Arabia is increasingly important as the Kingdom's 2030 Vision is delivered. This is a genuinely transformative plan and applications will function as its central nervous system, empowering both individuals and business to prosper through new levels of flexibility and innovation," said Mamduh Allam, Saudi Arabia General Manager, F5 Networks.
"However, the accountability for the security of applications appears to be in a state of flux, and IT departments still face significant barriers to ensure the integrity of these apps and the data they contain."
Fifty percent of businesses run between 500 and 2,500 active applications, according to F5's Application Security in the Changing Risk Landscape report.12% use more than 2,500.
Despite a third of all applications deemed critical to day-to-day activity, only 35% claimed to have the resources to detect vulnerabilities and as few as 30% said they had the technology to remediate the issues. A full 88% were concerned about new and emerging cyber-security threats weakening the future state of application security.
Worryingly, 43% also claimed to have no confidence that they knew all the applications in their organization (23% were "somewhat confident").
Allam explained that one of the biggest challenges business face is a seachange in IT responsibility, particularly as applications become more central to delivering vital services, adaptive to mobile workforces and harnessing the Internet of Things.
F5's survey found that 56% of respondents believe accountability for application security is shifting from IT to the end user or application owner. Whereas 21% respondents claimed the CIO or CTO is accountable, another 20% said nobody one had full ownership.
"We are finding that businesses are still coming to terms with the onslaught of new technologies, such as the Internet of Things infiltrating all aspects of our professional and personal lives. As a result, IT departments are often unprepared and under-resourced to implement sufficient defense strategies," said Allam.
"Poor visibility on the application layer, application migration to the cloud, the proliferation of mobile devices and the lack of preparation of the development teams are among the main pitfalls faced by Saudi businesses today."
In the past year, the most common security incidents due to insecure applications were SQL injections (29%), DDoS (25%) and Web fraud (21%). Fifty percent of respondents reported that applications are attacked more frequently than the network layer, with 58% claiming these types of attack are more severe.
63% of respondents said application layer attacks are harder to detect than at the network layer and 67% indicated they were more difficult to contain. The majority of respondents (57%) noted that a lack of visibility in the application layer is an impediment to achieving a robust security posture. In part, this can be attributed to the fact that network security is better funded than application security. F5's report discovered that 18% of the IT security budget is dedicated to application security, whereas more than double that amount (an average of 39%) is allocated to network security.
Other significant barriers are created by migration to the cloud (47%), lack of skilled or expert personnel (45%) and the proliferation of mobile devices (43% respondents).
Indeed, the growth in mobile and cloud-based applications is seen as significantly affecting application security risk. 60% of respondents say mobile apps increase risk (25%) or increase risk significantly (35%). 51% of respondents say cloud-based applications increase risk (25%or increase risk significantly (26%).
Almost half of respondents said their organization does not test applications for threats and vulnerabilities (25%) or testing is not pre-scheduled (23%). Only 14% of respondents say applications are tested every time the code changes.
The situation is exacerbated by businesses having scant confidence that application developers in their organization practice secure design, development and testing of applications. When it comes to application development, 74% claim they are only somewhat confident (27% or have no confidence (47%) that practices such as input/output validation, defensive programming and appropriate compiler/linker security options are conducted.
Nevertheless, there is growing confidence that the increasing prominence and influence of DevOps or continuous integration will have a positive impact on application security. 35% of respondents say their organizations have adopted DevOps or continuous integration practices into the application development lifecycle. 71% say this results in improved application security and enables them to respond quickly to security issues and vulnerabilities (56 percent of respondents).
The perceived cyber-security skill-gap is also a pressing issue. 69% of respondents believe the shortage of skilled and qualified application developers puts their applications at risk. Moreover, 67% say the "rush to release" causes application developers in their organization to neglect secure coding procedures and processes.
Recent F5 research highlights the importance of businesses tackling issues head-on or risk customer trust issues. A recent privacy and security survey among 1,000 Saudi consumers found that 59% are concerned that their data will fall into the wrong hands, followed closely by their privacy being compromised (57 percent). However, Saudi consumers were consistently more willing to give up their data compared to consumers in Europe; only 8 percent per stated they would not give up their data at all, compared to 33 percent the UK.
While consumers in Saudi Arabia regarded banks as the most trustworthy companies (91 percent), there is dissatisfaction in the methods used to protect their data. Consumers believed that banks (86 percent), public sector and government (80 percent), insurance (72 percent) and healthcare (71 percent), needed to field better authentication capabilities to achieve greater security. Across EMEA, 88% of consumers felt strongly that organizations should improve authentication for greater security.
"Ultimately, application security is a collective responsibility," added Allam.
"Stakeholders in the equation of a successful application deployment strategy should include the IT department, developers, DevOps and also company CIO or CTO executives who need to attribute more resources to this important area of business. Determining a sustainable ownership strategy for application security will help firms to deploy applications security across their employee network for 24-hour access, on any device and from any location." — SG

Clic here to read the story from its source.