New global CISO research reveals increasing opportunities and pressures for security leaders along with the need for consolidation and developer adoption.
Checkmarx has released its Global CISO Survey: The Growing Impact of AppSec on Business report, based on survey results from 200 CISOs and other senior security executives worldwide in March of this year.
The survey uncovered a trend in which application security is becoming increasingly important in closing new business, with CISOs called upon to demonstrate the security of their business digital products and services and to differentiate and grow their businesses, resulting in more opportunities to shape organisational processes.
Among the key findings of the study are these:
- 84% of CISOs say that they are called into sales engagements related to closing sales of their company's products and services, highlighting the connection between AppSec and business growth
- 96% of CISOs say their prospects consider the level of application security of their organisations when making purchase decisions
- 77% of CISOs estimate that they're running at least half of their companies businesses on applications for which internal teams must ensure security
"As todays enterprise makes great strides with digital transformation initiatives and as the applications undergirding the digital business have grown ever more complex, CISOs have a critical need for the consolidation of security alerts, reports and dashboards for better risk management and prioritising their developers remediation tasks," says Checkmarx CEO Sandeep Johri.
"The CISOs we work with are increasingly called to demonstrate the security of their businesses products and services in sales engagements, and in board discussions they are presented with more opportunities to shape organisational processes," he says.
"These trends and their needs are driving the ongoing innovation and increasing openness and consolidation of the cloud-native Checkmarx One Application Security Platform."
The report found 96% of respondents say their business prospects at least occasionally consider their level of application security when making deal decisions.
The study shows that the banking and financial services industry encounters this request more often than other industries. For example, 50% of CISOs in the banking and financial industry said AppSec is strongly considered in purchasing decisions, compared to 24% in the industrial and manufacturing industry.
However, across all industries, especially industrial and manufacturing, the number of prospects wanting to know the level of application security prior to purchase is growing.
The survey was conducted online by an independent survey company. Respondents included a mix of CISOs, CSOs, CIOs, Deputy CISOs, Deputy CSO and, Deputy CIOs, from companies in North America, Western Europe, the Asia Pacific region, and Latin America with an annual revenue of $750,000,000 or greater, across a variety of industries, including banking and finance, insurance, software, technology, engineering, manufacturing, industrial and the public sector.
The respondents were approached by the research panel and invited via email to complete the survey. Answers to most of the non-numerical questions were randomised to prevent order bias in the answers.