Nearly half of senior IT executives perceive security threats as the most critical issue in the implementation of SOA and web services-based applications, according to a global survey sponsored by IT management software company CA.

And more than half of the respondents (57 percent) reported that they have deferred or slowed adoption of some SOA and web services due to security-related issues.

"The fact that respondents are deferring SOA and web services applications for security reasons indicates a strong collaboration between business and IT security teams. They are truly evaluating risk versus benefit to the business," said Lina Liberti, vice president for CA Security Management."

The survey also revealed that most respondents (93 percent) believe integrating SOA and web services security systems with identity and access management is critical. However, just 43 percent of IT executives have done so.

"The state of SOA and web services security is similar to what we saw with websites and portals about 10 years ago. As organisations rolled out web applications, best practice security management approaches had not yet been resolved and security became a significant challenge," said Liberti. "Web services and SOA applications have experienced those same security issues, but we believe the best practice approaches implemented for web applications apply to these application architectures as well."

The study surveyed nearly 555 IT directors or above about their position on SOA and web services deployments and security. The respondents came from large and mid-sized enterprises representing companies headquartered in North America, Europe, Asia Pacific, plus Central and South America.