A recent survey conducted by Opinion Matters on behalf of Noname Security unveiled some eye opening facts about API security. The survey included 631 cybersecurity professionals from USA and UK and focused on the API security incidents of the last 12 months.
This article will highlight ten shocking statistics about API security.
Table of Contents
10 Statistics About API Security
Here are ten statistics about API security that you wish you knew earlier.
1. 78% Businesses Suffered API Security Attack Last Year
One of the most shocking statistics from the study is that almost 8 out of 10 businesses experienced an API attack last year. Despite this, very few businesses pay attention to API security. What’s even worse is that API related attacks usually don’t get the media attention it deserves. This keeps businesses blindsided and uninformed from the harmful effects of these API attacks.
2. 81% businesses said that API Security is a Higher Priority than Last Year
With API attacks surging, top business executives have started taking it more seriously. A vast majority of business executives said that API security is a much higher priority today than it was a year ago. This statistic shows that businesses have started taking API security seriously but they need to adopt a proactive approach to API security instead of reactive one such as investing in an Anti DDoS protection solution.
3. 72% of Cybersecurity Professionals Have an Inventory of APis They Have Deployed
This statistics shows that not all cybersecurity professionals maintain an inventory of APIs that they have deployed. In fact, 28% of cybersecurity professionals don’t have an inventory of all the APIs that they have deployed. How can you secure APis that are not in your inventory? You can’t. That is exactly what’s happening with both API security and hydraulic equipment safety
4. 55% of Businesses Tested Their Application Programming Interfaces Every Day
Deploying application programming interface is one thing and securing it is another. You have to constantly test it so you know exactly which security issues are emerging in real time. Failure to do this can lead to exploited vulnerabilities that you didn’t know about. No business would want that.
5. 51% of Businesses Sadi That Loss of Customer Goodwill Is The Biggest Reason Why They Neglect API Security
You might be wondering why are businesses not paying attention to API security if it is such a big threat. One of the biggest reasons is customer goodwill and churned accounts. More than half (51%) of businesses tend to put API security on the back burner due to this. Businesses must look to strike a perfect balance between API security and customer retention.
6. 53% of Businesses Consider API Security as a Necessary Requirement
Another evidence of businesses taking API security seriously is that more than half of businesses now consider API security a necessary requirement. With businesses not taking API security for granted anymore, expect them to take measures to secure their application programming interfaces.
7. 53% of Organizations Said That Their Developers Spend 25% to 50% of their Time on Refactoring and Remediating Issues
This statistic clearly shows why businesses shy away from API security. Fixing API security issues is time consuming and recurring activity. In fact, it takes anywhere from a quarter to half of developer time in remediating and retracting API security issues.
8. 48% of Businesses Blamed Fees To Fix API Security Issues As The Reason For Not Taking API Security Seriously
Remediating API security issues is not only time consuming but it is also a costly endeavor for businesses. The fees attached to fixing these API issues puts off almost half of businesses and deter them from plugging API security vulnerabilities.
What these businesses won’t realize is that leaving API security issues unattended can lead to even more financial loss. In some cases, these financial losses are so huge that small to mid-size businesses won’t be able to recover from this shock. Don’t want your businesses to suffer the same fate? Fix API security issues as soon as you can.
9. 47% Businesses Consider It as a Business Enabler
Gone are the days when API security was not part of the business discussion. Fast forward to today and it is a business enabler for almost half of businesses. A strong API security can help you win customer trust and make your business more lucrative for other stakeholders such as vendors, partners and suppliers. This can even give you a competitive advantage over other businesses in your industry especially if your business is the only one taking API security seriously.
10. 40% of Businesses have Visibility Into Sensitive Data That APIs are Exposing
According to Noname Security study, Only 40% of businesses have visibility into sensitive data that their APIs are exposing. This is alarming to say the least. When you combine that with the above mentioned statistics of 28% of cybersecurity professionals not maintaining an inventory of APIs, it paints a horrific picture.
You can analyze similar trends in road statistics. Lack of visibility into API security vulnerabilities is one of the biggest reasons why most businesses fall victim to API security attacks.
Have any API security statistics that we have missed?