This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

CISO Survey 2013: Foreword

Jump to: navigation, search

< Back to the CISO Survey main page


There is no question that application security has become a serious concern in almost every organization and industry. And more and more, application security is taking center stage in the struggle to keep information systems safe and the stored data protected. OWASP created this survey to provide senior managers with an opportunity to compare their organizations with others on important application security issues and gain insights for making key decisions. The questionnaire consisted of 26 in-depth questions concerning security investments and challenges, threats and risks, tools and technology, and governance and control within the various surveyed organizations. This research report with the results is publicly available on the website. OWASP will be further refining our CISO survey in 2014 and increasing the collected data sets. In case you are interested in participating or providing feedback and insights, please provide your contact information, and we will contact you shortly. We take confidentiality very seriously and make sure that all personal identifiable individual and company information is NOT disclosed nor published in the survey report.

This survey report is in sync with the recently released the OWASP Application Security Guide for CISOs. These two projects are designed to harmoniously complement each other, the CISO report providing the tactical intelligence and the CISO guide offering the guidance on how CISOs can act on this intelligence to achieve the optimal information security programs for their organizations.

With best regards,
On behalf of the Project Team,

Tobias Gondrom
OWASP Global Board Member