According to Cisco’s 2020 CISO Benchmark Report, “39% [of surveyed organizations] report they’re struggling to secure applications.” Consider this number will grow, as more applications are developed for organizational operations, apps spread to a wider swath of users via cloud, innovation will cause them to constantly change and sheer evolution will create unique dependencies. While application updates and evolution can help a business achieve success in our digital world, they can also cripple a business in the event of a malicious cybersecurity incident.

Then how do you keep your growing business secure in a world where cyber criminals have endless resources to attack your evolving applications?

Drawing from CISO Benchmark report research, “only 52% of survey respondents claimed they do a good job of building security into systems and applications”. Just more than half of respondents (56%) said, “We do a good job of building security into our procedures for acquiring, developing and maintaining systems and applications.” But is doing a “good job” good enough?

We use applications for most of our daily needs, including business operations. Industries we rely on and work for, like financial services, hospitality, tourism and more, use applications to moderate the billions of dollars’ worth of transactions that keep these verticals growing. For more on this topic, read this () article.

When CISO Benchmark report respondents were asked, “How challenging is it to defend each of the following from cyber-attacks…?”, 72% of respondents found applications to be somewhat, very or extremely challenging. Only 28% found it to be not at all or not very challenging. With business-critical operations happening within your applications, what happens when your cybersecurity posture fails? What impact can a breach have on your business if a hacker reaches the applications you and your customers rely on?

You need application security that provides closer, continuous, adaptive security to keep up with the speed of your business.


Security that provides access to insights is critical to securing your workloads. You need to be able to see changes in application behavior in order to detect threats. The sooner you can identify and stop malicious activity, the sooner you’ll be able to get your business back on track – and minimize downtime.


Keep up with your evolving application environments by using a security posture that can automate whitelist policies, ensuring that only those who are allowed have access to your workloads. Make sure your platform is monitoring for policy compliance and that it can alert you of deviations using behavior-analysis.


Your applications have unique dependencies. With micro-segmentation, machine learning can oversee unique application behavior and automate policy generation with the knowledge gained – adapting to your specific environment exactly when it’s needed.

Cisco’s application-first security solution can secure your dynamic environment by monitoring behavior, triggering notifications for suspicious activity, automating policy generation, and more.

Learn more about Cisco’s application-first security.



Taylor Palmer

Security Product Marketing Specialist

Security Marketing