Attacks on application programming interfaces (APIs) are becoming more frequent, more sophisticated, and grander in scale. In fact, 108 billion API attacks were recorded from January 2023 through June 2024, according to a recent Akamai State of the Internet (SOTI) report.
And yet, despite the rapid proliferation of APIs in the enterprise and the access to sensitive data that many of these APIs require, research indicates that securing them has not been a top priority for most security teams. As organizations struggle with poor visibility into APIs and their risks, the findings align with industry concerns that enterprises lack centralized responsibility for API security, from tracking vulnerabilities to measuring the impact of breaches.
The latest installment of the API Security Impact Study collects responses from more than 800 individuals in roles across cybersecurity to determine the state of API security in four of the largest economies in the Asia-Pacific (APAC) region: China, India, Japan, and Australia. It builds upon an annual survey conducted by Noname Security (now a part of Akamai Technologies) asking security professionals how APIs have fit into their security initiatives over the past three years. Consistently, our research has found that despite a growing awareness of API vulnerabilities, the commitment to API security from senior leadership has not kept pace, as both CISOs and CIOs struggle to address a growing scope of competing priorities.