Saudi deputy FM meets Sudan's Sovereign Council chief in Port Sudan    Kuwait, India to elevate bilateral relations to strategic partnership Sheikh Mishal awards Mubarak Al-Kabir Medal to Modi    MoH to penalize 5 health practitioners for professional violations    Al-Samaani: Saudi Arabia to work soon on a comprehensive review of the legal system    Environment minister inaugurates Yanbu Grain Handling Terminal    Germany's attack suspect reportedly offered reward to target Saudi ambassador    U.S. Navy jet shot down in 'friendly fire' incident over Red Sea    Israeli strikes in Gaza kill at least 20 people, including five children    Trudeau's leadership under threat as NDP withdraws support, no-confidence vote looms    Arabian Gulf Cup begins with dramatic draws and a breathtaking ceremony in Kuwait    GACA report: 928 complaints filed by passengers against airlines in November    Riyadh Season 5 draws record number of over 12 million visitors    Fury vs. Usyk: Anticipation builds ahead of Riyadh's boxing showdown    Saudi Arabia to compete in 2025 and 2027 CONCACAF Gold Cup tournaments    Marianne Jean-Baptiste on Oscars buzz for playing 'difficult' woman    PDC collaboration with MEDLOG Saudi to introduce new cold storage facilities in King Abdullah Port Investment of SR300 million to enhance logistics capabilities in Saudi Arabia    Al Shabab announces departure of coach Vítor Pereira    My kids saw my pain on set, says Angelina Jolie    Legendary Indian tabla player Zakir Hussain dies at 73    Eminem sets Riyadh ablaze with unforgettable debut at MDLBEAST Soundstorm    Order vs. Morality: Lessons from New York's 1977 Blackout    India puts blockbuster Pakistani film on hold    The Vikings and the Islamic world    Filipino pilgrim's incredible evolution from an enemy of Islam to its staunch advocate    Exotic Taif Roses Simulation Performed at Taif Rose Festival    Asian shares mixed Tuesday    Weather Forecast for Tuesday    Saudi Tourism Authority Participates in Arabian Travel Market Exhibition in Dubai    Minister of Industry Announces 50 Investment Opportunities Worth over SAR 96 Billion in Machinery, Equipment Sector    HRH Crown Prince Offers Condolences to Crown Prince of Kuwait on Death of Sheikh Fawaz Salman Abdullah Al-Ali Al-Malek Al-Sabah    HRH Crown Prince Congratulates Santiago Peña on Winning Presidential Election in Paraguay    SDAIA Launches 1st Phase of 'Elevate Program' to Train 1,000 Women on Data, AI    41 Saudi Citizens and 171 Others from Brotherly and Friendly Countries Arrive in Saudi Arabia from Sudan    Saudi Arabia Hosts 1st Meeting of Arab Authorities Controlling Medicines    General Directorate of Narcotics Control Foils Attempt to Smuggle over 5 Million Amphetamine Pills    NAVI Javelins Crowned as Champions of Women's Counter-Strike: Global Offensive (CS:GO) Competitions    Saudi Karate Team Wins Four Medals in World Youth League Championship    Third Edition of FIFA Forward Program Kicks off in Riyadh    Evacuated from Sudan, 187 Nationals from Several Countries Arrive in Jeddah    SPA Documents Thajjud Prayer at Prophet's Mosque in Madinah    SFDA Recommends to Test Blood Sugar at Home Two or Three Hours after Meals    SFDA Offers Various Recommendations for Safe Food Frying    SFDA Provides Five Tips for Using Home Blood Pressure Monitor    SFDA: Instant Soup Contains Large Amounts of Salt    Mawani: New shipping service to connect Jubail Commercial Port to 11 global ports    Custodian of the Two Holy Mosques Delivers Speech to Pilgrims, Citizens, Residents and Muslims around the World    Sheikh Al-Issa in Arafah's Sermon: Allaah Blessed You by Making It Easy for You to Carry out This Obligation. Thus, Ensure Following the Guidance of Your Prophet    Custodian of the Two Holy Mosques addresses citizens and all Muslims on the occasion of the Holy month of Ramadan    







Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.



Saudi businesses urged to put application security at heart of 2030 Vision plans
Published in The Saudi Gazette on 18 - 10 - 2016

F5 Networks on Tuesday urged Saudi businesses to put application security at the heart of plans to support the Kingdom's tech-driven and transformative 2030 Vision.
The global application security specialist highlighted the pitfalls and opportunities for business-leaders as it revealed findings from its first Annual State of Application Security report, which was conducted in partnership with the Ponemon Institute.
"The proliferation of cutting-edge technology in Saudi Arabia is increasingly important as the Kingdom's 2030 Vision is delivered. This is a genuinely transformative plan and applications will function as its central nervous system, empowering both individuals and business to prosper through new levels of flexibility and innovation," said Mamduh Allam, Saudi Arabia General Manager, F5 Networks.
"However, the accountability for the security of applications appears to be in a state of flux, and IT departments still face significant barriers to ensure the integrity of these apps and the data they contain."
Fifty percent of businesses run between 500 and 2,500 active applications, according to F5's Application Security in the Changing Risk Landscape report.12% use more than 2,500.
Despite a third of all applications deemed critical to day-to-day activity, only 35% claimed to have the resources to detect vulnerabilities and as few as 30% said they had the technology to remediate the issues. A full 88% were concerned about new and emerging cyber-security threats weakening the future state of application security.
Worryingly, 43% also claimed to have no confidence that they knew all the applications in their organization (23% were "somewhat confident").
Allam explained that one of the biggest challenges business face is a seachange in IT responsibility, particularly as applications become more central to delivering vital services, adaptive to mobile workforces and harnessing the Internet of Things.
F5's survey found that 56% of respondents believe accountability for application security is shifting from IT to the end user or application owner. Whereas 21% respondents claimed the CIO or CTO is accountable, another 20% said nobody one had full ownership.
"We are finding that businesses are still coming to terms with the onslaught of new technologies, such as the Internet of Things infiltrating all aspects of our professional and personal lives. As a result, IT departments are often unprepared and under-resourced to implement sufficient defense strategies," said Allam.
"Poor visibility on the application layer, application migration to the cloud, the proliferation of mobile devices and the lack of preparation of the development teams are among the main pitfalls faced by Saudi businesses today."
In the past year, the most common security incidents due to insecure applications were SQL injections (29%), DDoS (25%) and Web fraud (21%). Fifty percent of respondents reported that applications are attacked more frequently than the network layer, with 58% claiming these types of attack are more severe.
63% of respondents said application layer attacks are harder to detect than at the network layer and 67% indicated they were more difficult to contain. The majority of respondents (57%) noted that a lack of visibility in the application layer is an impediment to achieving a robust security posture. In part, this can be attributed to the fact that network security is better funded than application security. F5's report discovered that 18% of the IT security budget is dedicated to application security, whereas more than double that amount (an average of 39%) is allocated to network security.
Other significant barriers are created by migration to the cloud (47%), lack of skilled or expert personnel (45%) and the proliferation of mobile devices (43% respondents).
Indeed, the growth in mobile and cloud-based applications is seen as significantly affecting application security risk. 60% of respondents say mobile apps increase risk (25%) or increase risk significantly (35%). 51% of respondents say cloud-based applications increase risk (25%or increase risk significantly (26%).
Almost half of respondents said their organization does not test applications for threats and vulnerabilities (25%) or testing is not pre-scheduled (23%). Only 14% of respondents say applications are tested every time the code changes.
The situation is exacerbated by businesses having scant confidence that application developers in their organization practice secure design, development and testing of applications. When it comes to application development, 74% claim they are only somewhat confident (27% or have no confidence (47%) that practices such as input/output validation, defensive programming and appropriate compiler/linker security options are conducted.
Nevertheless, there is growing confidence that the increasing prominence and influence of DevOps or continuous integration will have a positive impact on application security. 35% of respondents say their organizations have adopted DevOps or continuous integration practices into the application development lifecycle. 71% say this results in improved application security and enables them to respond quickly to security issues and vulnerabilities (56 percent of respondents).
The perceived cyber-security skill-gap is also a pressing issue. 69% of respondents believe the shortage of skilled and qualified application developers puts their applications at risk. Moreover, 67% say the "rush to release" causes application developers in their organization to neglect secure coding procedures and processes.
Recent F5 research highlights the importance of businesses tackling issues head-on or risk customer trust issues. A recent privacy and security survey among 1,000 Saudi consumers found that 59% are concerned that their data will fall into the wrong hands, followed closely by their privacy being compromised (57 percent). However, Saudi consumers were consistently more willing to give up their data compared to consumers in Europe; only 8 percent per stated they would not give up their data at all, compared to 33 percent the UK.
While consumers in Saudi Arabia regarded banks as the most trustworthy companies (91 percent), there is dissatisfaction in the methods used to protect their data. Consumers believed that banks (86 percent), public sector and government (80 percent), insurance (72 percent) and healthcare (71 percent), needed to field better authentication capabilities to achieve greater security. Across EMEA, 88% of consumers felt strongly that organizations should improve authentication for greater security.
"Ultimately, application security is a collective responsibility," added Allam.
"Stakeholders in the equation of a successful application deployment strategy should include the IT department, developers, DevOps and also company CIO or CTO executives who need to attribute more resources to this important area of business. Determining a sustainable ownership strategy for application security will help firms to deploy applications security across their employee network for 24-hour access, on any device and from any location." — SG


Clic here to read the story from its source.