Software Integrity Blog


Survey: Mobile and web apps are top security challenge

A Synopsys survey reveals that the security of customer-facing web and mobile apps is the top security challenge for IT professionals in Asia.

A new Synopsys survey reveals that customer-facing web and mobile applications are the top security challenge for IT professionals in Asia.

In September 2017, Synopsys conducted a survey at Singapore International Cyber Week (SICW), the region’s most established cyber security event. We spoke to 244 C-level IT professionals, managers, and executives in person at the event.

“It is not surprising that web and mobile applications represent such a high risk to businesses in Asia, as they often process highly sensitive information and cyber attacks targeting them are increasing in sophistication in the region. To effectively address cyber threats, software companies need to move beyond reactive measures by implementing software security initiatives that embrace the fundamentals of software integrity and proactively build security and quality into their software development life cycle (SDLC).

—Geok Cheng Tan, Managing director (Asia Pacific), Synopsys Software Integrity Group

Main findings from the SICW 2017 survey

Top security risk: Web and mobile apps

Nearly one-third (31%) of respondents viewed customer-facing web applications as the area presenting the most security risk to businesses. This was followed by 23% who identified mobile apps and 20% who suggested that embedded or IoT systems presented the most risk.

Application and system types with highest risk

Top security concern: Threat and breach detection

Half (50%) of those surveyed said that threat or breach detection within these applications represented the top security concern.

Application security concerns

Top security challenge: Cyber security skills gap

Almost half (48%) of those surveyed felt that aside from the technical challenges of securing customer-facing web applications, a lack of skilled security personnel or training was the biggest challenge, which reflects the cyber security skills gap across the globe.

Apps security challenges

Most organizations have an incident response plan

Two-thirds (66%) of respondents said they have a strategy in place in the event of a security incident. Only 16% said they didn’t have one, and 18% said they didn’t know whether they had a strategy in place.

Incident response plan to deal with a cyber attacks

These results are reassuring, as the increased frequency and severity of cyber attacks is expected to continue to rise.

Additional findings

Most orgs rely on an internal software security group

Apps security management

13% of orgs think they’re too small to be a target

Rate the risk of attack to your organization

38% of orgs know they’ve been attacked

Has your organization been the target of a cyber attack in the last 2 years?

18% of orgs lack cyber security awareness training

Cyber security awareness training for employees

We’d also like to note that the opinions of the participants aren’t the opinions of Synopsys.

Are your software security initiatives in sync?

Optimize my software security strategy


More by this author