Explore the findings of the OWASP-CISO Survey Report 2013 in this 49-minute conference talk from AppSecEU 2014 in Cambridge. Gain tactical insights for managers as Tobias Gondrom, Managing Director and CISO at Thames Stanley, presents key intelligence about security risks and best practices. Discover how Chief Information Security Officers (CISOs) can effectively manage application security programs from governance, compliance, and risk perspectives. Learn about external vs. internal threats, main areas of risk, investment plans, security management challenges, and useful resources. Understand the current situation in application security, top sources of risk, and strategies for verification of security measures. Benefit from Gondrom's extensive experience in information security, software development, and global standardization as he shares valuable insights for CISOs and security professionals.