The company plans to continue its multiprong approach to security, says Jerry Bryant, director of security communication in the Intel Platform Assurance and Security (PAS) group.
"Security isn't a one-time investment thing," he says. "You have to think about it more broadly from good security development practices, baking that into the mindset across your company, investing in vulnerability management processes and the ongoing security research into your products, both prerelease and shipping."
The report highlights the growing importance of bug-bounty programs for application and software developers. Not even five years ago, many companies continued to debate the efficacy of bug-bounty programs, but most have come to value their relationships with external researchers.