A CISO’s Guide to Steering AppSec in the Era of DevSecOps

In North America, only 8% of respondents report security is “always” a factor in purchasing decisions.

In the Asia Pacific region, 33% of respondents report security is “always” a factor in purchasing decisions.

Only 39% of business operations run on secured applications, according to CISOs.

In nearly half of software-based product companies, security oversight has moved outside the CISO’s office entirely.

49% of CISOs say that buyers now factor application security (AppSec) into purchasing decisions.

24% of respondents indicated that application security is “always” a factor in purchasing decisions.

In Europe, 58% of respondents report that security is “always” a factor in purchasing decisions.

In organisations developing software-based products, responsibility is split: 50% of organisations assign security responsibility to CISOs, while 43% move security oversight to development teams.

56% of organisations say that most of their development teams are fully integrated with AppSec programmes.

62% of CISOs report AppSec metrics to their board.