96% of Singapore technologists report expansion in attack surfaces over the last two years: Research

Cisco AppDynamics recently revealed some key Singapore-related findings from their latest application security report which was published today - “The shift to a security approach for the full application stack”. The research gives insight into new app security challenges and was conducted between July and August 2022. It includes findings from 1,150 IT professionals interviewed across 13 markets worldwide, including Singapore.

In Singapore, 100% of technologists admit that the rush to rapidly innovate and respond to the changing needs of customers and users has come at the expense of robust application security during software development.

The research also reveals that 96% of technologists in Singapore report that their organisation has experienced an expansion in its attack surfaces over the last two years. As IT teams have accelerated release velocity and built more dynamic applications across more platforms, application security hasn’t kept pace. And 65% of technologists in Singapore admit that their organisation often ends up in “security limbo” because they don’t know what to focus on and prioritise.

However, organisations are now looking ahead and are willing to break down the silos within the IT department and bridge the gap between IT operations and security.37% have already started taking a DevSecOps approach, and 58% are currently considering making the shift.

Other key Singapore related takeaways from the report include:

• 81% of technologists report that a lack of application security skills and resources is now an issue for their organisations.
• 81% feel that their organisation is vulnerable to a multi-staged security attack over the next 12 months.
• 96% believe that it’s important to be able to contextualise security.
• 27% of technologists report that their ITOps teams only collaborate with security teams when there is a potential issue, if at all.
• 88% of technologists state that the implementation of a security approach for the full application stack is now a priority for their organisation.

This research paints a picture of growing complexity and IT departments being unable to manage the ever-increasing amount of sprawl. Current systems have served their purpose, but now need to evolve to meet the new needs of distributed applications. Technologists also need to do more to address application security risks and ensure they have the right tools, insights, and team structures to effect meaningful change.Robust automation, using the power and capabilities of AI and ML, is key to a successful DevSecOps strategy, identifying threats and resolving them in realtime, without the need for human intervention.