Despite the progress, the software industry remains weak in security. Universities that train coders lag in teaching best security practices and companies are not yet willing to provide the training themselves.
Microsoft recently sponsored a survey of more than 2,700 IT professionals and developers worldwide and found only 37% worked for organizations that built products with security in mind. The problem exists in on-premise and cloud-based software, experts say.
"The time is right now to reprioritize secure development within these organizations and have that bubble up to the top of the list of priorities," Rains said. "If we don't take the time to do this right now, we're going to continue to see the types of successful attacks that we've been seeing more and more of."
Sign up for CIO Asia eNewsletters.