Earlier, at the Autumn Budget Statement, Chancellor Philip Hammond announced £1 billion on funding will go into securing UK organisations and interests. There was a big focus on spending in cyber and making sure software used by UK firms are being secured and about the cyber calamity of WannaCry in May 2017.
Paul Farrington, Director EMEA and APAC at CA Veracode:
“It’s encouraging to see how highly the UK Government views cyber security as being critical to its national defence strategy.
Foreign state-backed and other malicious cyber actors are finding more sophisticated ways to gain access to sensitive data and use it for dangerous means. Application security is a $3 billion market and climbing because application software is vulnerable to attack and are one of the top weaknesses hackers look to exploit.
Although better than other European nations such as Switerland and Germany, UK organisations need to fix software flaws bugs much faster. From our State of Software Security Report (SoSS), on average UK organisations are spending 10 months to fix 75% of its flaws.
As public and private sector organisations become more dependent on web apps, not patching or fixing bugs quickly creates a greater attack surface as we saw with North Korea and WannaCry. In addition, developers are using open source components for a majority of their code, gaining speed but increasing risk if vulnerabilities are not accounted for.
If the UK Government is serious about reducing cyber risk, this must include a focus on software security.”