▾ G11 Media Network: | ChannelCity | ImpresaCity | SecurityOpenLab | Italian Channel Awards | Italian Project Awards | Italian Security Awards | ...
InnovationOpenLab

Nearly Half of Development Teams Now “Own” Application Security, Checkmarx Global Survey Finds

Checkmarx, the industry leader in cloud-native application security for the enterprise, has published its annual research report, “A CISO’s Guide to Steering AppSec in the Age of DevSecOps.” Bas...

Business Wire

Improving DevSecOps maturity remains a priority, yet CISOs report only 39% of business operations run on secured applications

PARAMUS, N.J.: Checkmarx, the industry leader in cloud-native application security for the enterprise, has published its annual research report, “A CISO’s Guide to Steering AppSec in the Age of DevSecOps.” Based on a survey of 200 chief information security officers (CISOs) from across diverse industries and regions, the global study uncovered key factors driving the trend for closer collaboration between development and security teams. One key finding is that 49% of CISOs say buyers now factor application security (AppSec) into purchasing decisions. In fact, in nearly half of software-based product companies, security oversight has moved outside the CISO’s office entirely.

As application complexity and scale grow — driven by AI, microservices and hybrid application architectures — engineering teams are increasingly accountable for ensuring secure, scalable delivery. With faster release cycles and expanding code bases, AppSec decisions and budgets are shifting toward development teams to embed security earlier and more efficiently in the development process.

“We’re witnessing a pivotal change: AppSec is now a competitive differentiator, a budget priority and a boardroom issue,” said Checkmarx Chief Product Officer Jonathan Rende. “As development teams take greater ownership, CISOs must focus on governance, strategy and collaboration to keep security outcomes on track.”

Key Finding: Application Security is Crucial to Purchasing Decisions

CISOs responding from industries including banking and finance, media, insurance, software, manufacturing and the public sector revealed that robust AppSec programs and practices remain a strong differentiator in their customers’ buying decisions. Key data points include:

  • 49% of respondents report that buyers regularly consider application security in purchasing decisions
  • 24% indicated that application security is “always” a factor in those decisions
  • This trend is most pronounced in Europe, where 58% of respondents report that security is “always” a factor, compared to 33% in the Asia Pacific region and only 8% in North America

The Checkmarx study also found that decision-making is becoming increasingly decentralized, with development teams more often influencing security practices and even owning budget authority. The study revealed that:

  • In organizations developing software-based products responsibility is split, 50% of organizations assign security responsibility to CISOs while 43% move security oversight to development teams
  • 56% of organizations say that most of their development teams are fully integrated with AppSec programs

Rende added, “As security responsibility migrates toward development teams, so does the funding. That’s why CISOs today need to lead with influence, creating guardrails, not roadblocks.”

Security’s Role in the Boardroom Remains Inconsistent

The study report highlights a persistent gap in how security is communicated at the executive level. While 62% of CISOs report AppSec metrics to their board, most focus solely on vulnerability counts, with only 25% tying those risks to business outcomes like brand reputation or regulatory exposure. This disconnect underscores the urgency for CISOs to frame security in terms of business risk — a prerequisite for securing sustained buy-in at the executive level.

To download the full report, visit this page.

Methodology

Performed in collaboration with Global Surveyz, researchers surveyed CISOs at organizations with annual revenues exceeding $750 million and development teams of at least 180 developers. Participants represented key sectors including banking and finance, insurance, software, technology, engineering, media, manufacturing, industrials and the public sector, spanning the United States, Canada, Western Europe and the APAC region.

About Checkmarx

Checkmarx helps the world’s largest enterprises get ahead of application risk without slowing down development. More applications, faster pipelines and growing threats are all contributing to skyrocketing risk. Checkmarx helps end the guesswork in identifying the most critical issues to fix. Giving AppSec the tools they need while letting developers work the way they want, from DevOps pipelines to developer experience, Checkmarx helps security and development teams work better together – all on a unified application security platform. That’s why so many enterprises rely on Checkmarx to scan over one trillion lines of code each year, see 2X ROI, and improve developer productivity on security tasks by 50%. Checkmarx. Always Ready to Run.

Follow Checkmarx on LinkedIn, YouTube and X.

Fonte: Business Wire

If you liked this article and want to stay up to date with news from InnovationOpenLab.com subscribe to ours Free newsletter.

Related news

Last News

RSA at Cybertech Europe 2024

Alaa Abdul Nabi, Vice President, Sales International at RSA presents the innovations the vendor brings to Cybertech as part of a passwordless vision for…

Italian Security Awards 2024: G11 Media honours the best of Italian cybersecurity

G11 Media's SecurityOpenLab magazine rewards excellence in cybersecurity: the best vendors based on user votes

How Austria is making its AI ecosystem grow

Always keeping an European perspective, Austria has developed a thriving AI ecosystem that now can attract talents and companies from other countries

Sparkle and Telsy test Quantum Key Distribution in practice

Successfully completing a Proof of Concept implementation in Athens, the two Italian companies prove that QKD can be easily implemented also in pre-existing…

Most read

Securonix Acquires ThreatQuotient to Deliver Industry’s Broadest and Deepest…

Today, Securonix, a five-time Leader in the Gartner® Magic Quadrant™ for Security Information and Event Management (SIEM), announced the acquisition of…

Confidential Computing Poised for Explosive Growth as Anjuna Secures Three…

Anjuna, a leader in Confidential Computing and AI Data Fusion Clean Rooms, today announced the addition of a new top five global bank to its growing roster…

PubNub Evolves Its Platform with AI-Native Development, Real-Time Moderation,…

PubNub, the leader in real-time interactive apps, unveiled the next evolution of its platform. It introduces AI-native development, real-time decision…

Glean Raises $150M Series F at $7.2B Valuation to Accelerate Enterprise…

Work AI leader Glean today announced it raised $150 million in Series F financing, bringing its valuation to $7.2 billion. The round was led by Wellington…

Newsletter signup

Join our mailing list to get weekly updates delivered to your inbox.

Sign me up!