Why Software Defects Are Now the Biggest Security Threat
TechRadar, Monday, May 4th, 2026
Software bugs have become the primary security threat, accounting for 40% of cyber incidents in 2025, surpassing external attackers.
According to recent Fastly research, software defects are now the biggest security threat to businesses, with bugs accounting for 40% of cyber incidents in 2025, up from 33% in 2024 and exceeding external attacks at 39%.
The acceleration of software shipping speeds and AI-driven code generation, which increases developer output by nearly double but creates bugs that aren't caught in code reviews, are major contributors to this shift. Organizations must fundamentally rethink their security strategies by integrating security teams into the software development process earlier, establishing clear incident response accountability, and prioritizing secure-by-design approaches that bake security into systems from the start.
Large enterprises with 10,000+ employees are particularly vulnerable, experiencing 57 incidents on average in 2025, highlighting the need for organizational restructuring and alignment between security and DevOps teams rather than relying solely on perimeter defenses.