CMD+CTRL sponsored a recent study conducted in partnership with Wakefield Research that highlights a gap in training for software security across the SDLC: while training remains a key focus among a majority of cybersecurity executives, it is often limited to developers. It also showed that 89% of the developers are expected to invest at least six hours annually in software security training, while only 18% of other stakeholders in the SDLC receive a similar amount of training.
Security vulnerabilities in software can lead to significant costs and reputational damage for businesses. The study identified customer satisfaction and churn (48%), delays in time to market (46%), and financial costs (45%) as some of the top impacts of security vulnerabilities that keep executives up at night. These concerns explain why businesses are spending between $1M to $4M annually on software security training to meet organizational goals like building a security culture (51%), meeting and maintaining compliance (50%), and addressing skill gaps (49%). And while 97% of the responding organizations offered some form of software security training, 48% of the respondents indicated difficulty in finding training solutions for all relevant roles, including quality assurance, project management, product owners, and other key stakeholders.
The study results suggest a critical need for secure software training that is comprehensive and accessible across all roles in SDLC. Download the study, Enhancing Cybersecurity: The Critical Role of Software Security Training for additional insights on the current state of software security training.
CMD+CTRL’s comprehensive suite of role-based modules, skill labs and hands-on cyber ranges are purpose-built to deliver security expertise to all software stakeholders—from developers to architects to the C-suite—to eliminate skills gaps, mitigate risk, achieve compliance, and drive productivity. Contact us today to learn how we can help you launch a successful software security training program to uplevel your security posture.