Application security focused company Arxan has created some pretty neat info-graphics summarizing the State of Application Security. They have reached out to me for a review; I found the infographic along with corresponding detailed reports which outlines the summary, methodology, findings, and recommendations, quite effective yet precis overview of the state of appsec.
Forty-one percent of mobile finance app users expect their finance apps to be hacked within the next six months. Executive IT decision makers (42%) who have oversight or insight into the security of the mobile finance apps they produce feel the same way. This sentiment makes it sound like mobile finance applications are at a hopeless state of security where, despite Herculean efforts to thwart attackers, adversaries are expected to prevail. But it’s not hopeless. It’s careless. Especially when you consider that 50% of organizations have zero budget allocated for mobile app security.1
The report on state of application security also covers other verticals (healthcare), and provides wealth of information from various sources including but not limited to IBM Security / Ponemon study: The State of Mobile Application Insecurity (February 2015), The Open Web Application Security Project, PwC State of Global Information Security 2016, US Federal Reserve: Consumers and Mobile Financial Services 2015, and TSYS: 2015 UK Mobile Payment Study to name a few.
A recommended reading for security professionals and developers.
