SlideShare a Scribd company logo

BSIMM By The Numbers

Cigital, profile picture
Cigital

The document presents statistics from the BSIMM (Building Security In Maturity Model) regarding software security activities since its inception in 2008. Key metrics include the average number of participants, the effectiveness of Security Steering Groups, and an observed increase in raw scores among re-measured firms. It highlights the importance of BSIMM's core activities and the widespread agreement from firms on the significance of established security teams.

Software
Related topics:
Application Security • agile-software-development • Software Security
1 of 1
Download to read offline
1
Number of software security activities measured by the BSIMM BSIMM 0 112 1:75 Numbersby the Number of years BSIMM has been around (started in 2008) Average number of people in a satellite 13.9 Average number of people in an SSG Average ratio of SSG members to developers Percent of BSIMM participants that incorporate BSIMM’s 12 core activities into their SSI 64 100Percent of BSIMM participants that have an SSG and agree that it’s key to the success of their initiative 10 Average point increase seen in the raw scores of the 26 firms re-measured 131 100 Percent of the 10 lowest-scoring firms that have a satellite Percent of the 10 highest-scoring firms that have a satellite www.BSIMM.com Total number of firms studied by BSIMM. Copyright © 2015 Cigital, Inc ✔ 1047

More Related Content

PDF
Accenture 2015 North American Insurance Risk Management Study Infographic
Accenture Insurance
 
PPTX
The Fiction behind IT Security Confidence
SolarWinds
 
PPT
How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
SurfWatch Labs
 
PPTX
Ernst & Young visuals security survey 2012
Advent IM Ltd
 
PPTX
Data security risks and the cost of business continuity (slideshare) tmcs q...
tmcscs
 
PDF
7 Safety Insights from Industrial Business Leaders
Dozuki Software
 
PDF
The Cyber Security Leap
Accenture New Zealand
 
PPTX
Raising your game in behavioural safety
SHExpo
 
Accenture 2015 North American Insurance Risk Management Study Infographic
Accenture Insurance
 
The Fiction behind IT Security Confidence
SolarWinds
 
How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
SurfWatch Labs
 
Ernst & Young visuals security survey 2012
Advent IM Ltd
 
Data security risks and the cost of business continuity (slideshare) tmcs q...
tmcscs
 
7 Safety Insights from Industrial Business Leaders
Dozuki Software
 
The Cyber Security Leap
Accenture New Zealand
 
Raising your game in behavioural safety
SHExpo
 

Viewers also liked (7)

PDF
Get Your Board to Say "Yes" to a BSIMM Assessment
Cigital
 
PPTX
Software Security Initiative Capabilities: Where Do I Begin?
Cigital
 
PDF
The Path to Proactive Application Security
Cigital
 
PPTX
Video Game Security
Cigital
 
PPTX
Software Security Metrics
Cigital
 
PPTX
Cyber War, Cyber Peace, Stones, and Glass Houses
Cigital
 
PPTX
Static Analysis Tools and Frameworks: Overcoming a Dangerous Blind Spot
Cigital
 
Get Your Board to Say "Yes" to a BSIMM Assessment
Cigital
 
Software Security Initiative Capabilities: Where Do I Begin?
Cigital
 
The Path to Proactive Application Security
Cigital
 
Video Game Security
Cigital
 
Software Security Metrics
Cigital
 
Cyber War, Cyber Peace, Stones, and Glass Houses
Cigital
 
Static Analysis Tools and Frameworks: Overcoming a Dangerous Blind Spot
Cigital
 
Ad

More from Cigital (13)

PDF
7 Lessons Learned From BSIMM
Cigital
 
PPTX
Secure Design: Threat Modeling
Cigital
 
PDF
Getting Executive Support for a Software Security Program
Cigital
 
PPTX
Handle With Care: You Have My VA Report!
Cigital
 
PPTX
Can You Really Automate Yourself Secure
Cigital
 
PPTX
How to Choose the Right Security Training for You
Cigital
 
PPTX
6 Most Common Threat Modeling Misconceptions
Cigital
 
PDF
The Complete Web Application Security Testing Checklist
Cigital
 
PDF
SAST vs. DAST: What’s the Best Method For Application Security Testing?
Cigital
 
PPTX
BSIMM: Bringing Science to Software Security
Cigital
 
PPTX
BSIMM-V: The Building Security In Maturity Model
Cigital
 
PPT
5 Models for Enterprise Software Security Management Teams
Cigital
 
PPT
How to Avoid the Top Ten Software Security Flaws
Cigital
 
7 Lessons Learned From BSIMM
Cigital
 
Secure Design: Threat Modeling
Cigital
 
Getting Executive Support for a Software Security Program
Cigital
 
Handle With Care: You Have My VA Report!
Cigital
 
Can You Really Automate Yourself Secure
Cigital
 
How to Choose the Right Security Training for You
Cigital
 
6 Most Common Threat Modeling Misconceptions
Cigital
 
The Complete Web Application Security Testing Checklist
Cigital
 
SAST vs. DAST: What’s the Best Method For Application Security Testing?
Cigital
 
BSIMM: Bringing Science to Software Security
Cigital
 
BSIMM-V: The Building Security In Maturity Model
Cigital
 
5 Models for Enterprise Software Security Management Teams
Cigital
 
How to Avoid the Top Ten Software Security Flaws
Cigital
 
Ad

Recently uploaded (20)

PDF
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
PDF
Audit Checklist Design Aligning with ISO, IATF, and Industry Standards — Omne...
rohnjim07
 
PDF
Design an Analysis of Algorithms II-SECS-1021-03
DilanEscobar1
 
PDF
Why TechBuilder is the Future of Pickup and Delivery App Development (1).pdf
TechBuilder
 
PDF
top salesforce developer skills in 2025.pdf
CloudMetic
 
PPTX
CHAPTER 12 - CYBER SECURITY AND FUTURE SKILLS (1) (1).pptx
AnujKumar530915
 
PPTX
Odoo POS Development Services by CandidRoot Solutions
CandidRoot Solutions Private Limited
 
PDF
Digital Strategies for Manufacturing Companies
Virendra Rai, PMP
 
PDF
Flood Susceptibility Mapping Using Image-Based 2D-CNN Deep Learnin. Overview ...
lawrenceomai2
 
PPTX
Operating system designcfffgfgggggggvggggggggg
rmskumara09
 
PPTX
VVF-Customer-Presentation2025-Ver1.9.pptx
blackmambaettijean
 
PPTX
Introduction to Artificial Intelligence
lohedi9363
 
PPTX
CHAPTER 2 - PM Management and IT Context
KevinPutra14
 
PDF
Claude Code: Everyone is a 10x Developer - A Comprehensive AI-Powered CLI Tool
William Chong
 
PDF
System and Network Administration Chapter 2
jaramharo
 
PDF
Design an Analysis of Algorithms I-SECS-1021-03
DilanEscobar1
 
PDF
Nekopoi APK 2025 free lastest update
umarali35kp
 
PPTX
history of c programming in notes for students .pptx
Vijayakumari829030
 
PPTX
Lecture 3: Operating Systems Introduction to Computer Hardware Systems
hci7se
 
PDF
Softaken Excel to vCard Converter Software.pdf
markwillsonmw004
 
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
Audit Checklist Design Aligning with ISO, IATF, and Industry Standards — Omne...
rohnjim07
 
Design an Analysis of Algorithms II-SECS-1021-03
DilanEscobar1
 
Why TechBuilder is the Future of Pickup and Delivery App Development (1).pdf
TechBuilder
 
top salesforce developer skills in 2025.pdf
CloudMetic
 
CHAPTER 12 - CYBER SECURITY AND FUTURE SKILLS (1) (1).pptx
AnujKumar530915
 
Odoo POS Development Services by CandidRoot Solutions
CandidRoot Solutions Private Limited
 
Digital Strategies for Manufacturing Companies
Virendra Rai, PMP
 
Flood Susceptibility Mapping Using Image-Based 2D-CNN Deep Learnin. Overview ...
lawrenceomai2
 
Operating system designcfffgfgggggggvggggggggg
rmskumara09
 
VVF-Customer-Presentation2025-Ver1.9.pptx
blackmambaettijean
 
Introduction to Artificial Intelligence
lohedi9363
 
CHAPTER 2 - PM Management and IT Context
KevinPutra14
 
Claude Code: Everyone is a 10x Developer - A Comprehensive AI-Powered CLI Tool
William Chong
 
System and Network Administration Chapter 2
jaramharo
 
Design an Analysis of Algorithms I-SECS-1021-03
DilanEscobar1
 
Nekopoi APK 2025 free lastest update
umarali35kp
 
history of c programming in notes for students .pptx
Vijayakumari829030
 
Lecture 3: Operating Systems Introduction to Computer Hardware Systems
hci7se
 
Softaken Excel to vCard Converter Software.pdf
markwillsonmw004
 

BSIMM By The Numbers

  • 1. Number of software security activities measured by the BSIMM BSIMM 0 112 1:75 Numbersby the Number of years BSIMM has been around (started in 2008) Average number of people in a satellite 13.9 Average number of people in an SSG Average ratio of SSG members to developers Percent of BSIMM participants that incorporate BSIMM’s 12 core activities into their SSI 64 100Percent of BSIMM participants that have an SSG and agree that it’s key to the success of their initiative 10 Average point increase seen in the raw scores of the 26 firms re-measured 131 100 Percent of the 10 lowest-scoring firms that have a satellite Percent of the 10 highest-scoring firms that have a satellite www.BSIMM.com Total number of firms studied by BSIMM. Copyright © 2015 Cigital, Inc âś” 1047