AppSec Stats Flash Vol 10: Healthcare Sector Spotlight

Over the last 10 months of AppSec Stats Flash, a few trends have come to light. Breach exposure by applications is on the rise. Remediation and mitigation of security issues is at best an imperfect science. The kinds of vulnerabilities that applications suffer from are constant. Applications remain the largest attack surface and hackers have it easy to breach these surfaces.

In AppSec Stats Flash Vol. 10, the NTT Application Security research team took a closer look at the health of the applications in the healthcare industry. More than half of the applications within the healthcare industry currently contain a critical vulnerability!  The two most common types of vulnerabilities that were found in this analysis are an abuse of functionality and information leakage. Some additional security statistics from this month’s report include:

  • 52% of applications in healthcare have at least one “high” or “critical” vulnerability open throughout the year.
  • 18% of critical vulnerabilities are fixed within one month of discovery
  • Healthcare performed 14% better than the industry average on remediating critical risks in the past three months

Each month, the AppSec Stats Flash reflects on the evolving threat landscape, tracks key AppSec metrics on an ongoing basis and brings forward key actionable takeaways for security and development teams who are responsible for the applications that run their business.

Let us know what you think of this month’s report on Twitter or LinkedIn, and be on the lookout for AppSec Stats Flash Vol. 11 in November.