Web apps are seen as a viable point of attack, which means companies need to put more effort into developing secure code standards, and that means better education and training for app developers. Today’s fast-paced development cycle that emphasizes getting the app into production as quickly as possible doesn’t help.
Read more here:
http://www.infosecurity-magazine.com/view/39053/web-app-attacks-floor-uk-firms/