Cloudentity Research Reveals At Least 44% of Enterprises Report Experiencing Substantial API Security and Privacy Issues

Report Conducted by PulseQA Finds that the Majority of Enterprises have Less Mature, Decentralized API Authorization Policy Management and are Facing Delays in Application Development

Cloudentity, a leading provider of authorization and identity for modern applications, announced its 2021 “State of API Security, Privacy and Governance” report conducted by PulseQA, revealing that in the last 12 months, at least 44% of respondents expressed substantial issues concerning privacy, data leakage, and object property exposure with internal or external-facing APIs. As a result of these issues, 97% of enterprises experienced delays in releasing new applications and service enhancements due to identity and authorization issues with APIs and services.

APIs act as the foundation of app modernization and digital transformation that connect users and systems to a network of services, applications, and data – making them a key component of web applications and cloud computing. Unfortunately, the vast majority (83%) of organizations’ service/API authorization policy management remains decentralized with only some policy standards that are hardcoded in each application. This report showcases how enterprises are advancing API-first programs in their organization and reveals the issues, drivers, maturity, investments, and benefits.

Marketing Technology News: Bluewater Media Bolsters Digital Team with Hire of Executive Kristy Andreadakis

“Cloud-native API Security, Privacy and Governance – Shift Left DevOps and DevSecOps”

The comprehensive survey of 300 IT practitioners and decision-makers conducted in September 2021, represented a balanced cross-section of organizations of 10,000 employees or more in financial services, healthcare, high tech, retail, consumer goods and manufacturing industries. The findings revealed that only a staggering 2% of enterprise IT practitioners in these industries feel completely confident in their organization’s ability to reduce API security issues such as unauthorized access, data privacy, compliance risk and security threats.

“An API exposes sensitive data that is accessed by other systems, partners and customers. This had made them a high-value target for cyberattacks. As API endpoints proliferate, enterprises must standardize and improve the controls they use to protect this data, applying a zero trust approach to API access and data exchange. This goes beyond simple authentication. We must move to a model where every API transaction is dynamically authorized and easily audited for compliance, and monitored for suspicious activity,” said Jason Needham, CEO of Cloudentity. “This report illustrates the challenge and progress being made across industries to mature API security and privacy governance, and shows its benefit of streamlining application development, compliance verification and service delivery.”

Cloudentity will share a recap of these findings in an upcoming webcast entitled “Cloud-native API Security, Privacy and Governance – Shift Left DevOps and DevSecOps,” on November 9 at 9:00 a.m. PT/12:00 p.m. ET/5:00 p.m. GMT.

Marketing Technology News: MarTech Interview with Gavin Laugenie, Global Head of Content at dotdigital