Application Security in the Financial Services Industry: Myths vs. Reality
Financial institutions, like other organizations, struggle to implement application security (AppSec) tools and processes that can scale and keep pace with relentless demand. The complexities of managing and maintaining open source, and the adoption of cloud-native architectures and their associated microservices, all increase the degree of difficulty. Further, supply chain intricacies make it difficult to get a complete picture of an organization's risk profile.
It's no surprise then that AppSec continues to be a complex challenge for financial services organizations adopting modern development practices. A key difference for the financial services industry (FSI), however, is the high stakes involved. In 2019, the global financial services market was valued at $22 trillion.1 During the first year of the COVID-19 pandemic, over 70% of financial services firms experienced a successful cyber attack.2
Despite the high stakes and the challenges of securing software—or maybe because of them—many myths and misconceptions abound in the FSI. Using research data from the 2020 "Building Security In Maturity Model" (BSIMM) report and other sources, this eBook debunks and explains several AppSec myths prevalent among financial institutions.
1 Bowcut, Steven, "Cybersecurity in the financial services industry," Cybersecurity Guide, Feb. 25, 2021.