Original Post: New Data Reveals Top Drivers of Secure Software in Financial Services…
The financial services sector globally is under heightened security regulations, such as the US Executive Order on Cybersecurity, the EU’s NIS2 Directive, the SEC’s new disclosure rules, and ISO 20022. Veracode has released data highlighting key drivers that can reduce software security risks in this industry. Their findings show that financial applications generally have better security performance than other sectors, thanks to automation, targeted security training, and API-launched scanning.
Veracode’s “State of Software Security 2023 in Financial Services” report indicates that while 32% of applications initially show flaws, this rate increases up to 70% over five years due to application growth. Monthly, there is a 27% chance of new flaws being introduced. However, financial services organizations can reduce this probability by adopting API-launched scanning and targeted security training, which lowers the chance of flaw introduction to less than 22%.
The research emphasizes the importance of API-launched scanning as a marker of mature development practices, and the significance of interactive security training, like Veracode’s Security Labs, which engages developers in learning secure coding practices. These strategies help mitigate security debt as applications scale. Veracode offers consultations and free trials to help organizations integrate these practices effectively.
Go here to read the Original Post