What keeps security pros up at night? Software development – or at least the lack of security involved, according to a new study. Respondents to the sixth Global Information Security Workforce Study, conducted by (ISC)², the non-profit organization that administers the Certified Information Systems Security Professional (CISSP) certification, ranked secure software development as their greatest […]
What keeps security pros up at night? Software development – or at least the lack of security involved, according to a new study.
Respondents to the sixth Global Information Security Workforce Study, conducted by (ISC)², the non-profit organization that administers the Certified Information Systems Security Professional (CISSP) certification, ranked secure software development as their greatest worry.
That squares with the prediction of Avivah Litan, an analyst at Gartner Research, who expects that one in four DDoS attacks will be application based, as my colleague Sue Marquette Poremba has written.
In the (ISC)² survey of more than 12,000 security pros worldwide, only 12 percent said they were personally involved in software development, 20 percent in procurement, and just 10 percent were involved with outsourcing.
Malware and mobile device vulnerabilities are close behind as major worries; security concern is high for BYOD and cloud computing as well.
Meanwhile, just 28 percent said their organizations can remediate from a targeted attack within one day.
Other findings:
“Now, more than ever before, we’re seeing an economic ripple effect occurring across the globe as a result of the dire shortage of qualified information security professionals we’ve been experiencing in recent years,” said W. Hord Tipton, executive director of (ISC)², in a statement.
In apparent reference to recent reports of cyber attacks against private U.S. corporations, Tipton added:
“More and more enterprises are being breached. We must focus on building a skilled and qualified security workforce that is equipped to handle today’s and tomorrow’s most sophisticated cyber threats.”
The go-to resource for IT professionals from all corners of the tech world looking for cutting edge technology solutions that solve their unique business challenges. We aim to help these professionals grow their knowledge base and authority in their field with the top news and trends in the technology space.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
