According to research by Veracode, public sector applications tend to have more flaws than private sector applications. Researchers found that just under 82% of applications developed by public sector organizations had at least one security flaw detected in their most recent scan over the last 12 months, compared to 74% of applications developed by private sector organizations.
Depending on the type of flaw tracked, public sector applications had a 7 to 12 percent higher probability of having a flaw introduced in the last 12 months.
Numbers alone don’t convey the consequences that occur when hackers exploit software flaws and vulnerabilities. In early May this year, a ransomware attack against the city of Dallas hobbled functions relied on to deliver public services, including IT systems used by public safety agencies.
The research also found reasons for public sector organizations to be optimistic about application security. Discovery of “high severity” flaws in public sector applications (16.5%) in a 12-month period was lower than in non-public sector applications (19%).