Software Integrity


Research reveals customer-facing web and mobile apps as top security challenge

A new Synopsys survey reveals that customer-facing web and mobile applications are the top security challenge for IT professionals in Asia.

From Sept. 19 to 21, 2017, Synopsys conducted a survey at Singapore International Cyber Week (SICW), the region’s most established cyber security event. We spoke to 244 C-level IT professionals, managers, and executives in person at the event.

“It is not surprising that web and mobile applications represent such a high risk to businesses in Asia, as they often process highly sensitive information and cyber attacks targeting them are increasing in sophistication in the region. To effectively address cyber threats, software companies need to move beyond reactive measures by implementing software security initiatives that embrace the fundamentals of software integrity and proactively build security and quality into their software development life cycle (SDLC).

—Geok Cheng Tan

Managing director (Asia Pacific), Synopsys Software Integrity Group

SICW 2017 survey highlights

Nearly one-third (31%) of respondents viewed customer-facing web applications as the area presenting the most security risk to businesses. This was followed by 23% who identified mobile apps and 20% who suggested that embedded or IoT systems presented the most risk.

Which types of applications or systems present the highest security risk to your business?

Half (50%) of those surveyed said that threat or breach detection within these applications represented the top security concern.

What is your top security concern?

Almost half (48%) of those surveyed felt that aside from the technical challenges of securing customer-facing web applications, a lack of skilled security personnel or training was the biggest challenge, which reflects the cyber security skills gap across the globe.

What challenges do you face in implementing an application security program?

Two-thirds (66%) of respondents said they have a strategy in place in the event of a security incident. Only 16% said they didn’t have one, and 18% suggested they didn’t know whether they had a strategy in place.

Do you have an incident response plan in place to deal with a cyber attack on your organization?

These results are reassuring, as the increased frequency and severity of cyber attacks is expected to continue to rise.

Additional findings

How is your app security managed by your organization?

How would you rate the risk of attack to your organization?

Has your organization been the target of a cyber attack in the last 2 years?

Do you offer cyber security awareness training for all employees?

We’d also like to note that the opinions of the participants aren’t the opinions of Synopsys.

Make sure your software security initiatives are in sync

Get started