720-891-1663

Alerts

Security Debt -It is a REAL Problem

Leave a comment

Veracode’s 2026 State of Software Security report gives us the magnitude of the problem.

Veracode makes security testing software and has a million of customers. That means that the data is real – from actual code of actual customers.

They, tested code from 1.6 million unique applications – both static and dynamic testing and here is what they found.

  • 82 percent of organizations have security debt
  • 60 percent have critical debt
  • On the other hand, apps with open source flaws went down. A little bit.
  • Fix speed improved a tiny bit – from 252 days to 243 days

Here are some more stats:

But think of this. If it is taking hackers a matter of minutes to move laterally and take advantage of the bugs once they are in, improving the fix speed from 252 days to 243 days is not going to solve the problem.

Now what we need to do is to get executive leadership to understand that this is not an IT problem. It is a company survival problem.

As we see companies getting hacked every day and the impact and cost of those hacks, technical debt and specifically security debt is a big contributor to that.

You can hope that the hackers pass over you, but hope is not a strategy. Or you can work to reduce security debt.

It is up to you.

Please contact us if you need assistance.

Credit: Helpnet Security

Facebooktwitterredditlinkedinmailby feather

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright © 2026 CyberCecurity, All rights reserved. Privacy Policy