Last week we released the ESG Research Insights Report, Security Leadership Study – Trends in Application Security, revealing what CISOs are looking to prioritize in the year to come.
With the ever-expanding threat landscape and increasingly sophisticated adversaries, organizations are looking to proactive approaches to security. In fact, the report indicated a notable increase in the awareness and adoption of next-generation solutions such as crowdsourced cybersecurity.
The majority of organizations (55 percent) currently run a crowdsourced security program. Another 32 percent expect to run one within the next 12 months or are interested in doing so in the future, indicating a growing acceptance of and reliance on a nontraditional methods for defense.
Businesses focused on cybersecurity — those intending to spend 15 percent or more of their IT budget on cybersecurity, along with companies in the technology sector — are the leading adopters of the crowdsourced model. However, crowdsourced cybersecurity is certainly not exclusive to technology companies, with nearly half (42 percent) of the respondents from other industry verticals currently running a crowdsourced cybersecurity program and another 24 percent expecting to run one within 12 months.
Crowdsourced security is fast becoming a foundational element of any organization’s cybersecurity program. It has allowed our customers to keep pace with the fast and disruptive nature of today’s business cycles, with flexible, continuous, contextual and reportable processes, ultimately helping them remain competitive.
Yet, any time a new approach is prescribed, its relationship to current solutions comes into question. The report also indicated that crowdsourced security will not likely replace traditional security methods in the near term. Instead, 59 percent of organizations see crowdsourced cybersecurity as complementary to traditional point-in-time penetration testing. An additional 34 percent of respondents report they believe each approach delivers unique benefits. Ultimately, a multifaceted approach will yield better results versus leveraging only one penetration testing methodology.
For more insights on these trends and security leadership priorities for application security, check out the ESG Research Insights Report, Security Leadership Study – Trends in Application Security.
We’re also hosting a webinar featuring Bugcrowd CSO David Baker and ESG Senior Analyst and Group Director Doug Cahill on Thursday, April 25 at 10am PT (1 pm ET) for a discussion on the key report findings.
To learn more, register for the webinar.