Firms skip security reviews of major app updates about half the time
Cyber security workers review major updates to software applications only 54 percent of the time, according to a poll of tech managers.
Twenty-two percent of respondents confessed they did a security review under half of the time, and the same percentage claim to have reviewed code 50 to 74 percent of the time.
Only 19 percent said a security review took less than a day, while 46 percent estimated one to three days were needed.
Based on this, CrowdStrike calculated the average yearly cost of security reviews at nearly $1.2 million.
Even when doing the same math, but with the median number of reviews per week and employees per review, the annual expenditure for code reviews was $188k.
There doesn't seem to be a single root cause as to why security reviews are so time- and money-consuming; it comes down to a variety of factors.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/07/18/security_review_failure/