According to the 2013 Chief Information Security Officers survey by the Open Web Application Security Project (OWASP), 75 percent of CISOs responded that external attacks had increased. When asked what the main areas of risk as percentage of the overall risk are, 70 percent of CISOs responded that web applications represent an area of risk higher than network infrastructure. - See more at:

The increased perception of threats and risks for applications shifts the organization investment from the traditional network security to application security: about 48 percent of CISOs have seen the investment in application security increasing as part of the company's annual budget, 37 percent consider it relatively constant and only 15 percent have seen a decrease. But this increased investment in application security brings new challenges for CISOs since securing web applications and software requires a different set of capabilities and skills outside the traditional information security domains. - See more at:

The link for this article located at Network World is no longer available.