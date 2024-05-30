Sixty eight percent of public sector organizations surveyed by researchers for the Veracode State of Software Security 2024 report were found to have applications that suffered from what the study dubbed as “security debt” — flaws that have not been fixed for more than a year.

The study further found that 59 percent of the applications used by public sector organizations were impacted by this problem, Veracode said Wednesday.

Another critical finding indicates that 40 percent of public sector organizations had security debt deemed critical, meaning the flaws are not only persistent but also high in severity, placing the confidentiality, integrity and availability of businesses at serious risk.

Commenting on the findings of the study, Veracode Chief Research Officer Chris Eng said the “accumulated security debt” affecting the apps used by the government has left the public sector “dangerously exposed to attacks from hackers.”

Regarding critical debt, Eng noted that most organizations are capable of addressing them, though prioritization is crucial.

“By prioritizing that security debt with focused effort, organizations can achieve maximum risk reduction and then move to address non-critical flaws based on their risk tolerance and capabilities,” Eng said.

