Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Security Considerations: Rising Use of APIs in the Enterprise

More Than 85% of Enterprises Will Have an API Program by 2018

Application Programming Interfaces (APIs) provide an excellent way for enterprises to interact with their partners and customers, and offer developers a way to enhance applications and offer key capabilities to end-users.

More Than 85% of Enterprises Will Have an API Program by 2018

Application Programming Interfaces (APIs) provide an excellent way for enterprises to interact with their partners and customers, and offer developers a way to enhance applications and offer key capabilities to end-users.

Now more than ever, enterprises are making their business applications and data available through APIs to open up new business opportunities and grow their ecosystem.

In fact, according to a recent study conducted by Layer 7 Technologies, more than 43 percent of respondents said that their organization currently has an API program in place, while 27 percent said a program would be launched within the next year.

While APIs provide a great avenue for business opportunities, especially in the areas of web-based applications, social media, and mobile applications, they also open up a new area of risk and bring an added attack vector.

In other words, APIs are another area that information security teams need to protect from abuse in order to safeguard company and customer data.

In Layer 7’s study, nearly half of those polled said data security and privacy were their biggest security considerations.

Respondents said that mobile performance optimization, developer enablement and data analytics were the three most important features needed in an API management solution.

Layer 7, which provides API management tools, said that despite the steady growth of cloud-based API management solutions, more than half (55.1 percent) still preferred an on-premise solution, while hybrid deployments (cloud with on-premise) were also popular (42.8 percent).

Of the 140 enterprise IT professionals that Layer 7 surveyed in May, respondents highlighted several business goals driving the growing need for API programs, including:

• Mobility programs (71.9 percent);

• Partner connectivity (69.1 percent);

• Cloud integration (67.6 percent);

• Enabling internal developers (66.9 percent); 

• Fostering external developer ecosystems (55.4 percent)

“Enterprises are increasingly recognizing APIs as a cornerstone of the modern open hybrid enterprise,” said Dimitri Sirota, senior vice president, Security, CA Technologies and co-founder of Layer 7. “For an organization to be successful, it must have a strategy to deploy and manage the APIs that will enable it to secure and leverage data, empower a mobilized workforce and engage with the developers driving the app economy.”

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Risk Management

A threat-based approach to security often focuses on a checklist to meet industry requirements but overlooked the key component of security: reducing risk.

Risk Management

CISA has published a report detailing the cybersecurity risks to the K-12 education system and recommendations on how to secure it.

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.