Report: All Industries Fail at Cybersecurity

Report: All Industries Fail at Cybersecurity
Image credit: Pixabay
2 min read
This story originally appeared on CNBC

Most sectors failed industry-standard security tests of their Web and mobile applications, but the government failed the worst, a report by application security company Veracode found.

Most strikingly isn't how poorly the government's applications fared. It's how unlikely they were to be fixed.

Government agencies fix fewer than one-third of all detected problems, according to the report. By comparison, financial services fixed 81 percent of its problems, while manufacturing fixed 65 percent. 

Only 24 percent of government agency applications passed security tests, compared with those of financial services at 42 percent. Manufacturing followed at 35 percent, as illustrated below in the figures from the report.

Click to Enlarge+
Report: All Industries Fail at Cybersecurity - chart

It is interesting to note, however, that manufacturing had the highest concentration of security problems per unit of executable coding, almost double the government's concentration.

The report comes just weeks after a cybersecurity attack that exposed millions of federal employees' personal information. Just a month ago, a federal judge ruled that Target had to pay millions of dollars to victims of its massive security breach.

Veracode collected data from more than 200,000 tests it ran on its customers, including federal and state agencies. Veracode's co-founder and chief technology officer, Chris Wysopal, said the company reserves the right to analyze and publish anonymized customer data to publish public findings and propose solutions.

Veracode's network of computers launches simulated attacks on its customers to find flaws and come up with solutions.

Click to Enlarge+
Report: All Industries Fail at Cybersecurity - chart

"Part of [the solution] is going to be a willingness to adopt a risk-based approach as opposed to compliance. To look at different vulnerabilities and fix them, base them on thinking, 'What risk does this pose to our organization and the data that we have?'" Wysopal said. 
Budget problems are a contributing factor, but inadequate contracts are also to blame, he said. Wysopal suggested that government agencies include language in their contracts that requires them to fix problems that are discovered in the future.

President Barack Obama recently proposed an increase to the government's 2016 cybersecurity budget, jacking it up $1 billion to $14 billion.

Neither the Department of Homeland Security nor the Secret Service immediately returned calls for comment.

More from Entrepreneur

Dustin's experience and expertise can help you monetize your message, build a marketing strategy and connect with influencers.
Book Your Session

For a limited time only, get this bundle of Entrepreneur PressĀ® titles for less than $30 (60% OFF) on our bookstore when you use "LEAP" at checkout.
Buy Now

Are paying too much for business insurance? Do you have critical gaps in your coverage? Trust Entrepreneur to help you find out.
Get Your Quote Now

Latest on Entrepreneur

My Queue

There are no Videos in your queue.

Click on the Add to next to any video to save to your queue.

There are no Articles in your queue.

Click on the Add to next to any article to save to your queue.

There are no Podcasts in your queue.

Click on the Add to next to any podcast episode to save to your queue.

You're not following any authors.

Click the Follow button on any author page to keep up with the latest content from your favorite authors.