3% of public sector applications are flaw free

Image via Unsplash

Public sector security debt and application risk management was analyzed in a recent report by Veracode. Security debt, defined by the report as flaws that remain unfixed for longer than a year, exists in 59% of applications in the public sector, compared to the overall rate of 42%.

Researchers found that while slightly fewer public sector organizations (68%) have security debt than other industries (71%), they tend to accumulate more of it. Three percent of applications are flaw-free, compared to six percent across other industries. Even more concerning, 40% of public sector entities have persistent, high-severity flaws that constitute ‘critical’ security debt, which would put the confidentiality, integrity and availability of businesses at serious risk if exploited.

According to the report, security debt in the public sector primarily affects first-party code (93%), but most of the critical security debt comes from third-party dependencies (55.5%).

Read the report.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.