UAE organisations neglect application security; report
F5 Networks highlights the major security challenges IT managers face supporting development and innovation initiatives
F5 Networks has urged businesses to factor in application security into their security plans to support regional development and innovation initiatives.
The global application security specialist highlighted the pitfalls and opportunities for business-leaders as it revealed findings from its first "Annual State of Application Security" report, which was conducted in partnership with the Ponemon Institute1.
Diego Arrabal, VP MEA at F5, said: "The proliferation of cutting-edge technology in is the UAE is on the rise, particularly as the country's 2021 Vision continues apace. However, the accountability for the security of applications appears to be in a state of flux, and IT departments still face significant barriers to ensure the integrity of these apps and the data they contain."
According to F5's "Application Security in the Changing Risk Landscape" report, 50% of businesses run between 500 and 2,500 active applications. Furthermore, despite a third of all applications deemed critical to day-to-day activities, only 35% claimed to have the resources to detect vulnerabilities and just 30% said they had the technology to remediate these issues. A full 88% were concerned about new and emerging cyber-security threats weakening the future state of application security. What's more, 43% claimed to have no confidence that they knew about all the applications in their organisations.
Arrabal explained that one of the major challenges faced by businesses is a sea-change in IT responsibility, particularly as applications take centre stage and start to constructively drive the potential of emerging concepts like the Internet of Things.
"We are finding that businesses are still coming to terms with the onslaught of new technologies, such as the Internet of Things infiltrating all aspects of our professional and personal lives. As a result, IT departments are often unprepared and under-resourced to implement sufficient defence strategies," said Arrabal.
He added: "Poor visibility in the application layer, application migration to the cloud, the explosion of mobile devices and the lack of preparation among development teams are critical issues at the moment."
In addition, the cyber-security skill-gap is also a pressing issue, as 69% of respondents believe the shortage of skilled and qualified application developers puts their applications at risk. Moreover, 67% say the "rush to release" causes application developers in their organisation to neglect secure coding procedures and processes.