[Infographic] BSIMM10 by the numbers
How many BSIMM participants have a software security group? How many think it’s key to their success? How many people are in the average SSG? Get the facts.
For 11 years, we’ve studied dozens of firms of different sizes and in different verticals to measure the software security practices they use in real life. We publish the results as the Building Security In Maturity Model (BSIMM), which describes the common areas many organizations share and the variations that make them unique.
BSIMM participants are the core of the BSIMM project. Our model is driven entirely by data about what firms are doing, without speculation as to what they should be doing. Without our participants, we’d have no data, and thus no model.
So who are BSIMM participants? How many people are in their software security groups? What activities do they perform? How well do they do? For participants who have had multiple BSIMM assessments across the years, how much have they improved? BSIMM10, available Sept. 18, will have all the answers. Until then, take a look at the infographic below (PDF version).
Facts about BSIMM participants
Fact | BSIMM10 | BSIMM9 |
Number of years BSIMM has been around (started in 2008) | 11 | 10 |
Total number of BSIMM participants, all time | 185 | 167 |
Number of software security activities measured by BSIMM | 119 | 116 |
Average point increase seen in the raw scores of the firms re-measured | 11.1 | 10 |
Percent of BSIMM participants that incorporate the 12 core activities into their SSI | 63 | 62 |
Percent of participants that have an SSI and agree that it’s key to the success of their initiative | 100 | 100 |
Average ratio of SSG members to developers | 1:73 | 1:75 |
Average number of people in an SSG | 13.1 | 13.3 |
Average number of people in a satellite | 110 | 117 |
Percent of the top-scoring BSIMM participants that have a satellite | 86 | 90 |
Percent of the 10 lowest-scoring firms that have a satellite | 0 | 0 |
BSIMM10 is coming soon!
*** This is a Security Bloggers Network syndicated blog from Software Integrity Blog authored by Synopsys Editorial Team. Read the original post at: https://www.synopsys.com/blogs/software-security/bsimm-participants-infographic/