Two-Thirds of Companies Lack Overall Cybersecurity Policy

1 comment

Software developers say that only 31 percent of their companies have a formalized cybersecurity policy which is followed throughout the organization, according to the Global Development Survey 2017, released Tuesday by Evans Data Corporation (EDC).

The survey found that 34 percent have an informal policy adopted by various departments, while roughly 25 percent have a piecemeal policy defined within departments, or none at all.

Evans Data surveyed more than 1500 developers from different regions in different languages for the report, and found that APAC companies are most likely to have overall formal cybersecurity strategy. More companies is North America and the EMEA region have informal policies, and companies without policies are most common in EMEA.

See also: Your Password Is Terrible and Everyone Wants to Fix That

“Recent events have highlighted the need for enhanced cybersecurity,” said Janel Garvin, CEO of Evans Data, “but security has been a top issue for software developers for quite some time and across many disciplines. We have consistently seen the developers themselves citing security as a chief concern so there is frustration that their companies aren’t taking an overall approach.”

The report shows 26 percent of developers globally developing apps to run on secure and trusted systems, but within the next six months 19 percent expect to start doing so.

See also: Report: Reliability, Security Top Factors in Selecting Web Hosting Provider

Cybersecurity planning and policy has previously been identified as a widespread challenge. U.S. legislators are reported to be considering a bill to encourage better cybersecurity practices amongst small businesses. SaaS app adoption by IT professionals is moving faster than plans and budgets to secure them, according to a survey released by BetterCloud in October.

Add Your Comments

  • (will not be published)

One Comment

  1. Thomas

    Have you considered what would be a solution to this? I mean besides companies getting more security, what type of security would be best? I believe that it would need to be able to access all of your SaaS apps, pointing out redundant programs, and how many users you have.