Security News > 2023 > December > Alert fatigue puts pressure on security and development teams
The research found that AppSec chaos reigns, with 78% of CISOs responding that today's AppSec attack surfaces are unmanageable and 90% of responders confirmed relationships between their security and development teams need to improve.
85% of CISOs acknowledge dev teams suffer from vulnerability noise and alert fatigue, which strains the relationship between security and dev teams.
88% acknowledge that because of alert fatigue developers are not focused on remediating critical vulnerabilities, which increases the potential for a security breach and puts the business at risk.
Only 21% of respondents believe that both security and development are equally responsible for application security, confirming that many security professionals question whether application security is a team sport.
The report also shows that alert fatigue is not the only cause of the souring relationship between security and development teams.
"Much of the Cycode report findings align with what we're seeing in the market, starting with the criticality of software supply chain security," said Katie Norton, Senior Research Analyst at IDC. "Our 2023 DevSecOps Adoption, Techniques and Tools Survey identified a vulnerable software supply chain as a top application security gap. Our IDC research also found that companies struggle with developer and security misalignment and have prioritized fostering coordination."
News URL
https://www.helpnetsecurity.com/2023/12/08/appsec-risks-prioritization/
Related news
- SOC teams are frustrated with their security tools (source)
- Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools (source)
- Top 5 Cloud Security Automations for SecOps Teams (source)
- Microsoft Ignite 2024 Unveils Groundbreaking AI, Security, and Teams Innovations (source)