The survey, entitled Application Security: Where are the Hidden Vulnerabilities? is live now and may be accessed at: Application Security: Where are the Hidden Vulnerabilities?
In May, the Office of the Comptroller of the Currency (OCC) became the first banking regulatory agency to issue a bulletin reminding institutions of the importance of application security as part of a sound information security program. All applications, whether internally developed, vendor-acquired, or contracted for, must be subject to appropriate security risk assessment and mitigation processes.
It's expected that other regulatory agencies will follow suit with their own reminders of the importance of application security.
Which begs the question: What is the state of application security at banking institutions and their third-party service providers?
Information Security Media Group (ISMG) has set out to answer to this very important question with this new survey designed to uncover the gaps in application security. This exclusive survey from ISMG seeks to explore:
"Given recent threats, application security has to be top-of-mind with banking and security leaders," says Tom Field, Editorial Director of ISMG, publisher of BankInfoSecurity.com and CUInfoSecurity.com. "Regulators are talking about the topic, and their focus is only going to increase. Now is the time to measure and fill application security gaps."
This survey will be live through Sept. 1, and its results will be presented in an upcoming special report from Information Security Media Group.
The Application Security survey is the latest major research initiative from ISMG. Previously, ISMG has studied Identity Theft Red Flags Rule compliance Application Security: Where are the Hidden Vulnerabilities?, and the State of Banking Information Security 2008 (https://www.bankinfosecurity.com/survey.php) was administered last winter, resulting in a report that set the agenda for banking institutions' regulatory, security and management challenges for the year.
About ISMG: Based in Princeton, N.J., Information Security Media Group publishes BankInfoSecurity.com and CUInfoSecurity.com, which are the one-stop portals for the latest news, insights and education on the top information security issues facing U.S. financial institutions today. Through articles, webinars, podcasts, blogs and news alerts from federal regulatory agencies such as the FDIC, NCUA, OCC, FRB and OTS, the ISMG team is committed to providing up-to-date information on the security regulations, threats, solutions, training and career trends that most impact banks, credit unions and other related enterprises. Leading companies supporting and benefiting from these initiatives include CA, Fortify, RSA Security, Secure Computing, Symantec and VeriSign.