Sauress : Saudi businesses urged to put application security at heart of 2030 Vision plans

Pakistan monsoon death toll rises to 299, including 140 children Saudi Arabia issues new regulations for food laboratory operations Saudi Tourism Ministry launches e-service to boost accommodation capacity in Makkah and Madinah for Hajj 1447 Four health colleges rank lowest in 2025 national licensure exam results SABIC posts $1.41 billion loss in H1 2025 on UK plant closure, restructuring costs OPEC+ to boost oil output by 547,000 bpd in September Foreign direct investment nets SR1.9 billion in Saudi stock market for July Saudi, Iraqi justice ministers sign cooperation agreement in Riyadh Palestine Red Crescent says Israeli strike on Gaza HQ kills worker, injures three Saudi defender Saud Abdulhamid joins RC Lens on loan from AS Roma Riyadh Comedy Festival tickets now on sale for world's biggest stand-up event Flash floods, landslides kill 8 in northern Vietnam, 3 missing Canada rejects claims of ongoing arms exports to Israel Saudi Gazette publishes full text of new foreign property ownership law The law grants non-Saudis broader real estate rights under defined conditions while imposing restrictions in Makkah and Madinah Sotheby's returns Buddha jewels to India after uproar Riyadh Film Music Festival returns with live orchestral performances of iconic movie scores Nissan Formula E Team celebrates a landmark season 11 with proud Saudi sponsor Electromin Fahad bin Nafel steps down as Al Hilal president after historic six-year run João Félix unveiled by Al Nassr as €50m move marks bold new chapter in Riyadh Saudi Arabia approves first Alzheimer's treatment with lecanemab for early-stage patients Sholay: Bollywood epic roars back to big screen after 50 years with new ending Ministry launches online booking for slaughterhouses on eve of Eid Al-Adha Shah Rukh Khan makes Met Gala debut in Sabyasachi Pakistani star's Bollywood return excites fans and riles far right Exotic Taif Roses Simulation Performed at Taif Rose Festival Asian shares mixed Tuesday Weather Forecast for Tuesday Saudi Tourism Authority Participates in Arabian Travel Market Exhibition in Dubai Minister of Industry Announces 50 Investment Opportunities Worth over SAR 96 Billion in Machinery, Equipment Sector HRH Crown Prince Offers Condolences to Crown Prince of Kuwait on Death of Sheikh Fawaz Salman Abdullah Al-Ali Al-Malek Al-Sabah HRH Crown Prince Congratulates Santiago Peña on Winning Presidential Election in Paraguay SDAIA Launches 1st Phase of 'Elevate Program' to Train 1,000 Women on Data, AI 41 Saudi Citizens and 171 Others from Brotherly and Friendly Countries Arrive in Saudi Arabia from Sudan Saudi Arabia Hosts 1st Meeting of Arab Authorities Controlling Medicines General Directorate of Narcotics Control Foils Attempt to Smuggle over 5 Million Amphetamine Pills NAVI Javelins Crowned as Champions of Women's Counter-Strike: Global Offensive (CS:GO) Competitions Saudi Karate Team Wins Four Medals in World Youth League Championship Third Edition of FIFA Forward Program Kicks off in Riyadh Evacuated from Sudan, 187 Nationals from Several Countries Arrive in Jeddah SPA Documents Thajjud Prayer at Prophet's Mosque in Madinah SFDA Recommends to Test Blood Sugar at Home Two or Three Hours after Meals SFDA Offers Various Recommendations for Safe Food Frying SFDA Provides Five Tips for Using Home Blood Pressure Monitor SFDA: Instant Soup Contains Large Amounts of Salt Mawani: New shipping service to connect Jubail Commercial Port to 11 global ports Custodian of the Two Holy Mosques Delivers Speech to Pilgrims, Citizens, Residents and Muslims around the World Sheikh Al-Issa in Arafah's Sermon: Allaah Blessed You by Making It Easy for You to Carry out This Obligation. Thus, Ensure Following the Guidance of Your Prophet Custodian of the Two Holy Mosques addresses citizens and all Muslims on the occasion of the Holy month of Ramadan

Thank you for reporting!

This image will be automatically disabled when it gets reported by several people.

Saudi businesses urged to put application security at heart of 2030 Vision plans

The Saudi Gazette Published in The Saudi Gazette on 18 - 10 - 2016

F5 Networks on Tuesday urged Saudi businesses to put application security at the heart of plans to support the Kingdom's tech-driven and transformative 2030 Vision.
The global application security specialist highlighted the pitfalls and opportunities for business-leaders as it revealed findings from its first Annual State of Application Security report, which was conducted in partnership with the Ponemon Institute.
"The proliferation of cutting-edge technology in Saudi Arabia is increasingly important as the Kingdom's 2030 Vision is delivered. This is a genuinely transformative plan and applications will function as its central nervous system, empowering both individuals and business to prosper through new levels of flexibility and innovation," said Mamduh Allam, Saudi Arabia General Manager, F5 Networks.
"However, the accountability for the security of applications appears to be in a state of flux, and IT departments still face significant barriers to ensure the integrity of these apps and the data they contain."
Fifty percent of businesses run between 500 and 2,500 active applications, according to F5's Application Security in the Changing Risk Landscape report.12% use more than 2,500.
Despite a third of all applications deemed critical to day-to-day activity, only 35% claimed to have the resources to detect vulnerabilities and as few as 30% said they had the technology to remediate the issues. A full 88% were concerned about new and emerging cyber-security threats weakening the future state of application security.
Worryingly, 43% also claimed to have no confidence that they knew all the applications in their organization (23% were "somewhat confident").
Allam explained that one of the biggest challenges business face is a seachange in IT responsibility, particularly as applications become more central to delivering vital services, adaptive to mobile workforces and harnessing the Internet of Things.
F5's survey found that 56% of respondents believe accountability for application security is shifting from IT to the end user or application owner. Whereas 21% respondents claimed the CIO or CTO is accountable, another 20% said nobody one had full ownership.
"We are finding that businesses are still coming to terms with the onslaught of new technologies, such as the Internet of Things infiltrating all aspects of our professional and personal lives. As a result, IT departments are often unprepared and under-resourced to implement sufficient defense strategies," said Allam.
"Poor visibility on the application layer, application migration to the cloud, the proliferation of mobile devices and the lack of preparation of the development teams are among the main pitfalls faced by Saudi businesses today."
In the past year, the most common security incidents due to insecure applications were SQL injections (29%), DDoS (25%) and Web fraud (21%). Fifty percent of respondents reported that applications are attacked more frequently than the network layer, with 58% claiming these types of attack are more severe.
63% of respondents said application layer attacks are harder to detect than at the network layer and 67% indicated they were more difficult to contain. The majority of respondents (57%) noted that a lack of visibility in the application layer is an impediment to achieving a robust security posture. In part, this can be attributed to the fact that network security is better funded than application security. F5's report discovered that 18% of the IT security budget is dedicated to application security, whereas more than double that amount (an average of 39%) is allocated to network security.
Other significant barriers are created by migration to the cloud (47%), lack of skilled or expert personnel (45%) and the proliferation of mobile devices (43% respondents).
Indeed, the growth in mobile and cloud-based applications is seen as significantly affecting application security risk. 60% of respondents say mobile apps increase risk (25%) or increase risk significantly (35%). 51% of respondents say cloud-based applications increase risk (25%or increase risk significantly (26%).
Almost half of respondents said their organization does not test applications for threats and vulnerabilities (25%) or testing is not pre-scheduled (23%). Only 14% of respondents say applications are tested every time the code changes.
The situation is exacerbated by businesses having scant confidence that application developers in their organization practice secure design, development and testing of applications. When it comes to application development, 74% claim they are only somewhat confident (27% or have no confidence (47%) that practices such as input/output validation, defensive programming and appropriate compiler/linker security options are conducted.
Nevertheless, there is growing confidence that the increasing prominence and influence of DevOps or continuous integration will have a positive impact on application security. 35% of respondents say their organizations have adopted DevOps or continuous integration practices into the application development lifecycle. 71% say this results in improved application security and enables them to respond quickly to security issues and vulnerabilities (56 percent of respondents).
The perceived cyber-security skill-gap is also a pressing issue. 69% of respondents believe the shortage of skilled and qualified application developers puts their applications at risk. Moreover, 67% say the "rush to release" causes application developers in their organization to neglect secure coding procedures and processes.
Recent F5 research highlights the importance of businesses tackling issues head-on or risk customer trust issues. A recent privacy and security survey among 1,000 Saudi consumers found that 59% are concerned that their data will fall into the wrong hands, followed closely by their privacy being compromised (57 percent). However, Saudi consumers were consistently more willing to give up their data compared to consumers in Europe; only 8 percent per stated they would not give up their data at all, compared to 33 percent the UK.
While consumers in Saudi Arabia regarded banks as the most trustworthy companies (91 percent), there is dissatisfaction in the methods used to protect their data. Consumers believed that banks (86 percent), public sector and government (80 percent), insurance (72 percent) and healthcare (71 percent), needed to field better authentication capabilities to achieve greater security. Across EMEA, 88% of consumers felt strongly that organizations should improve authentication for greater security.
"Ultimately, application security is a collective responsibility," added Allam.
"Stakeholders in the equation of a successful application deployment strategy should include the IT department, developers, DevOps and also company CIO or CTO executives who need to attribute more resources to this important area of business. Determining a sustainable ownership strategy for application security will help firms to deploy applications security across their employee network for 24-hour access, on any device and from any location." — SG

Clic here to read the story from its source.