Security News > 2024 > July > Firms skip security reviews of major app updates about half the time

Cyber security workers only review major updates to software applications only 54 percent of the time, according to a poll of tech managers.

Twenty-two percent of respondents confessed they did a security review under half of the time, and the same percentage claim to have reviewed code 50 to 74 percent of the time.

Only 19 percent said a security review took less than a day, while 46 percent estimated one to three days were needed.

Based on this, CrowdStrike calculated the average yearly cost of security reviews at nearly $1.2 million.

Even when doing the same math, but with median number of reviews per week and employees per review, the annual expenditure for code reviews was $188k.

There doesn't seem to be a single root cause as to why security reviews are so time and money-consuming - it comes down to a variety of factors.

News URL

https://go.theregister.com/feed/www.theregister.com/2024/07/18/security_review_failure/