API insecurity costs examined

Organizations with improperly secured APIs could have losses ranging from $41 billion to $75 billion per year, with enterprises reporting over $100 billion in revenue had a threefold to fourfold increased API insecurity risk, compared with small or medium-sized businesses, according to VentureBeat. An Imperva report revealed that 95% of organizations experienced API security incidents within the past year, while 34% noted the absence of an API security program even though API operations have been ongoing. "Many organizations are failing to protect their APIs because it requires equal participation from the security and development teams. Historically, these groups have been at odds security is the party of no, and DevOps is irresponsible and moves too fast," said API Security Vice President Lebin Cheng. API discovery and data classification should be standard in security solutions deployed by security teams, according to Cheng, who added that such features would improve the identification of possible security gaps.