3% of public sector applications are defect-free

A recent Veracode report examined public sector debt management and application risk. Paper debt, defined in the report as defects that remain unrepaired for more than a year, occurs in 59% of public sector claims, compared to an overall rate of 42%.

Researchers found that while slightly fewer public sector organizations (68%) have collateral debt than other industries (71%), they tend to accumulate more of it. Three percent of applications are defect-free, compared to six percent in other industries. Even more worryingly, 40% of public sector entities have high-severity persistent deficiencies that constitute “critical” security debt that, if exploited, would seriously compromise enterprise confidentiality, integrity and availability.

According to the report, security debt in the public sector primarily impacts first-party code (93%), but most critical security debt comes from third-party dependencies (55.5%).

Read the report.