Golfdale partnered with Security Compass to gather input from senior managers and leaders across major US agencies, including Homeland Security, Health and Human Services, Veterans Affairs, and Defense. Their insights highlight the pressure to modernize secure development and ATO workflows, the gaps that slow progress and where agencies are concentrating investment.

Software building companies in the U.S., Canada, and the UK are raising their focus on application security training in response to evolving threats. This Security Compass commissioned study finds compliance demands and emerging AI risks are pushing most organizations to invest more in both formal and on-the-job security training.

Security Compass commissioned a US and Canada survey of security practitioners in medium-to large-scale software organizations. Most view threat modeling as a top priority. Across the software development lifecycle, success hinges on automation, investing in specialized training, improving toolchain interoperability, and defining clear metrics to demonstrate return on investment.

Golfdale was commissioned by Security Compass to examine how companies that produce software are integrating AI models, weighing their risks, and shaping secure development practices. Insights were garnered from 200 executives and managers in large software-producing companies across the US, UK, and Canada.