Latest Building Security In Maturity Model reflects software security initiatives of 120 firms>
Help Net Security
Synopsys released BSIMM9, the latest version of the Building Security In Maturity Model (BSIMM) designed to help organizations plan, execute, and measure their software security initiatives (SSIs). The ninth iteration of BSIMM reflects data collected over a 10-year study of real-world SSIs across 120 firms. Firms are moving their workloads and development pipelines to the cloudâa paradigm shift that requires different approaches to software security. Three new activities directly or indirectly related to cloud transformation were observed and added to the BSIMM. Activities observed among independent software vendors, IoT companies, and cloud firms (three of the most prominent verticals) have begun to converge, suggesting that common cloud architectures require similar software security approaches. The BSIMM can be used to compare SSIs within and between verticals. A new vertical industryâretailâemerged in the BSIMM9 data. SSIs in retail are maturing relatively quickly as new models focused on e-commerce become critical to sustaining a healthy business. The retail vertical is already more mature in security than healthcare and insurance. BSIMM9 includes data collected from 120 firms, up from 109 firms in BSIMM8. The number of software security practitioners it measures grew by 65 percent, and the number of developers included grew by 43 percent. This notable growth in the BSIMM population indicates that software security is a growing priority.
Link: https://www.helpnetsecurity.com/2018/10/03/bsimm9/