According to a new report conducted by Cloudentity, 44% of respondents have experienced at least substantial API authorization issues concerning privacy, data leakage, and object property exposure with one or both of internal and external-facing APIs. Additionally, 97% of respondents reported that identity and authorization issues with services and APIs have had a direct impact on their organization in the form of delays to new application or service enhancements.
Cloudentity’s study, “2021 State of API Security, Privacy and Governance,” explores the various ways organizations are accelerating their API development and authorization governance programs, and also examines key initiatives, drivers, adoption, investments, and benefits of these API-first programs. API-first programs are built to prioritize API management and security, while enabling developers and DevSecOps teams to better manage API security, data privacy, access, and compliance controls.
The report also reveals that the top five contributors of API identity and authorization risks are lack of data lineage, difficulty diagnosing issues, component-driven development complexity, and inconsistent security policy management. As a result, almost two-thirds of decision-makers intend to improve and advance their organization’s API-first programs, while 93% plan to increase their budget and resources for their strategy over the next year. The goals of this initiative will include minimizing human coding errors, staying compliant with regulations, ensuring data privacy and consent, preventing data leakage, and reducing cyber threats.
Cloudentity surveyed 300 IT leaders in charge of API management and security programs within organizations consisting of over 10,000 employees across the financial services, retail, high-tech, health care, consumer goods, and manufacturing industries.
Read the full report by Cloudentity.