CISOs See Software Supply Chain Security As Bigger Blind Spot Than GenAI: Cycode

December 7, 2023 at 06:30PM

Cycode released the State of ASPM 2024 report, the first of its kind, revealing that a majority of CISOs find current AppSec surfaces unmanageable. 90% see a need to improve security-dev relations, with software supply chain security being a critical oversight. Their ASPM platform, including newly announced ConnectorX, aims to help organizations consolidate AppSec tools and improve application security posture management.

Clear Takeaways from the Meeting Notes:

1. Cycode has released the inaugural State of ASPM 2024 report, which shows significant issues in application security management among CISOs.
2. The report is based on a survey of 500 U.S. CISOs, AppSec Directors, and DevSecOps team members, with participants from both large and medium-sized companies.
3. Key Findings:
– 78% of CISOs find current AppSec attack surfaces unmanageable.
– 90% cite the need for improved relations between security and development teams.
– 77% of CISOs view software supply chain security as a critical concern, more so than GenAI or open source.
– 85% recognize that developers are overwhelmed by vulnerability alerts, leading to alert fatigue.
– Only 21% feel both security and development teams are equally responsible for application security.
– 77% find it difficult to ascertain who exactly is responsible for AppSec.
– 75% of professionals find it challenging to manage multiple security tools.
4. Industry Projections:
– Gartner® predicts that by 2026, more than 40% of organizations developing proprietary applications will adopt ASPM solutions.
5. Cycode’s Survey Insights:
– ASPM adoption may occur within a quicker time frame than industry forecasts suggest.
– 92% of CISOs are looking to consolidate AppSec tools into a single platform within the next year.
6. Cycode’s Solutions:
– Cycode has introduced an expanded, complete ASPM approach and the ConnectorX platform for easy third-party ASPM integrations.
– Enhancements to Cycode’s Risk Intelligence Graph (RIG) enable smarter risk-based prioritization.
7. Additional Information:
– Cycode’s ASPM platform provides a comprehensive solution to standardize security without impacting business speed.
– The company, backed by Insight Partners and YL Ventures, has raised $80 million and has top Fortune 100 customers.
– The State of ASPM 2024 report is available online, as well as more details on Cycode’s ASPM solutions, and a demo can be booked.

The meeting notes reflect Cycode’s positioning as a leader in ASPM and its strategic response to current AppSec challenges faced in the industry.
