Intelligent CIO Europe Issue 9 - Page 32

INFOGRAPHIC INFOGRAPHIC Infosecurity Europe highlights InfoSec concerns in Europe S ynopsys has announced the findings of a survey conducted at this year’s Infosecurity Europe event which reveals how the security industry is dealing with the complex changes ushered in by GDPR, as well as the high-stakes game of securing data privacy in applications. At Infosecurity Europe which took place in June this year, Synopsys surveyed 275 attendees who visited its booth to get the pulse of InfoSec concerns in Europe. Synopsys was delighted to learn that 90% of the organisations of those surveyed had a formal application security process in place, using a dedicated internal application security team or initiative, third party providers, or a combination of both. Their responses regarding the biggest challenge their organisations face when implementing their AppSec programs were nearly evenly split between: a lack of skilled professionals; the impact such a program might have on the agility and speed of application development and deployment, and of course; budget constraints. Just 8% had trouble with a lack of executive sponsorship. GDPR, data security and data privacy at Infosecurity Europe The EU’s General Data Protection Regulation (GDPR) came into effect in May 2018 so it’s not surprising that data breaches are top of mind and on top of the headlines. While 73% of respondents 32 INTELLIGENTCIO indicated that their organisations had not suffered a data breach in the last two years, 44% of those who had would be in violation of GDPR if the breach happened today. GDPR violations are accompanied by both breach notification responsibilities and significant fines. Where’s the risk? For the second consecutive year, almost half of respondents (44%) highlighted customer- facing web applications as a top concern. Meanwhile, over a quarter of respondents reported that third party proprietary code posed the highest risk to their organisations, followed closely by misconfiguration in cloud or containerised applications and open source software components in the applications their organisations develop or use. To address those risks, you need to build security into your software development lifecycle and into the DNA of your development and operations environments. AppSec is complex and the stakes are high In this new era of data privacy heralded by GDPR, protecting user data from breaches is more critical than ever. Data breaches affecting customers by the millions top the news regularly – and the consequences aren’t insignificant. Are you prepared? n “ OVER A QUARTER OF RESPONDENTS REPORTED THAT THIRD PARTY PROPRIETARY CODE POSED THE HIGHEST RISK TO THEIR ORGANISATIONS.