Checkmarx Report

Alexandra Hose,

AI coding is becoming the risky norm

AI-supported software development is profoundly changing the security situation, according to the new report "Future of Application Security in the Era of AI" by Checkmarx. 81% of companies knowingly deliver insecure code.


Checkmarx, a provider of autonomous, cloud-native application security, has published the results of its annual report "Future of Application Security in the Era of AI". The study paints a comprehensive picture of how AI-supported software development is permanently changing the risk landscape - and provides concrete recommendations for action in the coming year. Around 1,500 CISOs, AppSec managers and developers from North America, Europe and the Asia-Pacific region were surveyed.

The results make it clear: AI-generated code is becoming the standard, but governance is lagging behind. Half of those surveyed already use coding assistants, 34% have more than 60% of their code created by AI. Only 18% of companies have clear guidelines - risks and attack surfaces increase with growing use.

The report also shows that economic pressure is normalizing risky practices: 81% of companies knowingly deliver insecure code, and 98% were affected by incidents in 2024. 32% expect API attacks in the next 12 to 18 months. Yet fewer than half use basic protection measures, and only about half have DevSecOps strategies in place.


Accordingly, the report recommends moving from awareness to action: embed security measures across the board, create clear governance for AI, use tools consistently and give developers more responsibility.

Patrick Siffert, Regional Director DACH & Iberia at Checkmarx, explains: "With the increasing use of AI, cloud technologies and IIoT, CISOs and AppSec teams need to treat security as a strategic priority. We need comprehensive protection from code to cloud and clear governance for AI-generated code to reliably protect our innovations." The full report can be found here.
