Security News > 2024 > July > Firms skip security reviews of major app updates about half the time
Cyber security workers only review major updates to software applications only 54 percent of the time, according to a poll of tech managers.
Twenty-two percent of respondents confessed they did a security review under half of the time, and the same percentage claim to have reviewed code 50 to 74 percent of the time.
Only 19 percent said a security review took less than a day, while 46 percent estimated one to three days were needed.
Based on this, CrowdStrike calculated the average yearly cost of security reviews at nearly $1.2 million.
Even when doing the same math, but with median number of reviews per week and employees per review, the annual expenditure for code reviews was $188k.
There doesn't seem to be a single root cause as to why security reviews are so time and money-consuming - it comes down to a variety of factors.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/07/18/security_review_failure/
Related news
- Windows 10 KB5044273 update released with 9 fixes, security updates (source)
- Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild (source)
- Microsoft pulls Exchange security updates over mail delivery issues (source)
- AlmaLinux 9.5 released: Security updates, new packages, and more! (source)
- Oracle Linux 9 Update 5 brings security updates, OpenJDK 17, .NET 9.0 (source)