Insecure code putting business data at risk

Microsoft has urged nations to report vulnerabilities rather than stockpile, sell, or exploit them for their own gains.

Many organisations rely on unsecure code for mission-critical functions, with the UK scoring worst for security, according to a new report.

Research by CAST, which analysed more than a billion lines of code across 1,850 applications, found that “a significant amount” of unsecured code is in use.

Financial services organisations were found to be the most at-risk because of the code they use, followed by retailers and telecommunications firms. The report found that government organisations used the most secure code.

“Lack of security architecture combined with porous code in legacy systems produce easy targets for hackers,” said Dr Bill Curtis, senior vice president and chief scientist at CAST Research Labs, commenting on the findings.

“This is especially concerning in financial services applications. Despite the push to go digital, our CRASH Report findings indicate there is a significant amount of bad code lingering in enterprise systems. The takeaway for IT is clear: poor software quality is exposing many businesses to excessive risk.”

The report found that smaller teams produce better code, with groups of more than 20 performing worst. The “sweet spot” was found to be 10 team members.

In terms of project management, the highest scoring code in the report was written using hybrid methods combining features from the agile and waterfall methods.

Secure code is essential to protecting both valuable intellectual property and customer data, the theft of which could land businesses in regulatory hot water.

The European Union’s new General Data Protection Regulation, which comes into full effect in May 2018, threatens fines of up to €20 million (£17.5 million) or four per cent of global turnover for breached firms that are seen to have done too little to protect their customers’ data.

Copyright Lyonsdown Limited 2021