Ninety-eight percent of organizations across nine countries, including the U.S., experienced data breaches stemming from vulnerable code this year, compared with over 90% last year and almost 80% in 2023, while the rate of companies that knowingly shipped vulnerable software rose from two-thirds to four-fifths, according to Cybersecurity Dive.
Moreover, 27% of surveyed companies disclosed being impacted by at least four data breaches annually, compared with 16% last year, with the increase attributed to weakening cybersecurity defenses after every succeeding breach, a report from Checkmarx showed. Software supply chain intrusions were cited by surveyed chief information security officers, application security managers, and software developers as the leading attack vector within the next 12 to 18 months. However, highly mature security programs were reported by only 31% of CISOs and application security managers, while substantial gaps were noted by almost 20%. Additional findings showed that while 50% had already employed artificial intelligence coding assistants, only 18% had proper policies for such systems.