Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Career Intelligence
    • Cyber Tactics
    • Cybersecurity Education & Training
    • Leadership & Management
    • Security Talk
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Interactive Spotlight
    • Photo Galleries
    • Podcasts
    • Polls
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
Cybersecurity

The Importance of APIs

API-related breach
Getty Images
Getty Images
September 13, 2023

When it comes to smart buildings, the “back end” of the operation, or inner workings, runs on something called an application program interface, or API. These are the connections that make many of the integrations between different systems work. According to AWS, “APIs are mechanisms that enable two software components to communicate with each other using a set of definitions and protocols.” In a security system that translates to the reason your smart systems work seamlessly.

That is why a couple of recent studies are so concerning. 

A recent report by Traceable AI found that within the past two years, 60% of organizations faced at least one API-related breach. Three quarters of those experienced three or more incidents, and nearly one quarter of those suffering six or more breaches.

According to the report, just 38% can discern intricate context between API activity, user behaviors and data flow, and 57% don’t believe traditional security solutions such as web application firewalls are effective at distinguishing genuine from fraudulent API activity.

Sixty-one percent of respondents expect API-related risks to rise in the next two years.

Another survey from Akamai Technologies Inc. looked at what application security professionals consider the top security risks related to APIs and found that less than half of respondent companies have API security testing tools in place. Only 29% have API discover tools.

Survey participants ranked phishing (38.3%) and missing patches (24%) as the top two API security concerns. These were followed by exploitation of vulnerable applications/APIs (12%) and accidental disclosure of sensitive information (9.1%).

Other key highlights in the report include:

  • 62% of respondents are using web application firewalls as part of API risk mitigation.
  • 57% of respondents reported API inventory accuracy of between 25% and 75%.
  • Most respondents cited the OWASP (Open Web Application Security Project) Application Security and API Top Ten lists, and the MITRE ATT&CK Framework as the basis for defining application and API risk.
  • 76% of survey takers reported training development staff on application security.

These efforts are critical and will need to be increased in order to keep up with the number of potential attacks. The more integration and “smart” devices you have, the more APIs involved and the bigger the attack vector. 

According to the Traceable AI report, one of the primary breach methods when it comes to APIs is DDoS, or distributed denial of service attacks.

DDoS attacks were analyzed by a recent report by Zayo Group Holdings, which found that there was a whopping 314% increase in overall attacks from the first half of 2022 to the first half of 2023. One of the sectors that saw the biggest increases in these types of attacks was cloud and software-as-a-service companies, for example.

KEYWORDS: API security application security attacks

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Cyber tech background

    Security’s Top Cybersecurity Leaders 2026

    Security magazine’s Top Cybersecurity Leaders 2026 award...
    Cybersecurity
  • Iintegration and use of emerging tools

    Future Proof Your Security Career with AI Skills

    AI’s evolution demands security leaders master...
    Career Intelligence
    By: Jerry J. Brennan and Joanne R. Pollock
  • The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report surveys enterprise...
    The Security Benchmark Report
    By: Rachelle Blair-Frasier
Manage My Account
  • Security Newsletter
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Popular Stories

Hand reaching up out of the ocean

What I Learned About Burnout the Hard Way (and How to Actually Fix it)

Broken wet floor sign

Why Response Time Is Becoming the Missing Metric in Workplace Safety and Security

Paparazzi

When Private Events Become Public Infrastructure: What Celebrity OSINT Teaches Security Leaders

Cyber Tactics

AIBOMs: Bringing AI Security Out of the Shadows, A Practical Guide for Security Professionals

Medical professional

Nearly 85% of Nurses Experienced Workplace Violence in the Last Year

Kaseware sponsored webinar
Schneider Electric sponsored webinar

Events

August 25, 2026

Critical Infrastructure Security Is National Security: Protecting Essential Operations in an Era of Escalating Risk

LIVE: August 25, 2026 at 2 PM EDT Learn why critical infrastructure security has become a national security imperative, and the strategies organizations can adopt to improve visibility, collaboration, and response across their security operations.

August 27, 2026

Leveraging AI & Mobility to Advance Your Security Domain

LIVE: August 27, 2026 at 2 PM EDT Explore how AI-driven cloud security solutions can elevate your security domain enhancing threat detection, streamlining operations, and delivering the resilience modern organizations demand.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products


Alertmedia sponsored webinar

Related Articles

  • human-security-freepik1170x658.jpg

    The importance of the human element of security

    See More
  • Data Stream

    The Five Rings: Understanding the importance of physical security of colocation data centers as a fundamental service during COVID-19

    See More
  • cyber_lock

    COVID-19 and the need for a national cyber director: How the response to the pandemic illustrates the importance of a leadership

    See More

Related Products

See More Products
  • The Database Hacker's Handboo

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • Newsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2026. All Rights Reserved BNP Media, Inc. and BNP Media II, LLC.

Design, CMS, Hosting & Web Development :: ePublishing