Articles + Publications March 5, 2025
FTC Settlement Spotlights Security of APIs Proliferating Across the Internet
Jim Shreve and Joel Lutz, attorneys with Troutman Pepper, were quoted in the March 5, 2025 Cybersecurity Law Report article, “FTC Settlement Spotlights Security of APIs Proliferating Across the Internet.”
“While addressing risks from no-longer-supported software is a common element of many security standards, the requirements in this settlement to disconnect hardware using the unsupported software, or develop a mitigation plan if disconnection is infeasible, is new for an FTC consent order,” Troutman Pepper Locke partner James Shreve told the Cybersecurity Law Report.
…
A quarter of companies had their number of APIs increase 100% or more over the past year, according to the Salt Survey Report. At 55% of companies, the API inventory grew by at least 50%. The number of APIs companies are using has jumped because of expanding AI use, Shreve observed.
…
The good news, Troutman Pepper Locke counsel Joel Lutz reported, is that “more technical solutions are available today to help identify APIs and inventory them, which is the foundational step to ensuring they are secure.”
…
Initial priorities to establish comprehensive API governance go beyond inventorying to “validating the configuration of all those APIs found, and monitoring for newly implemented APIs,” Lutz said.
“The challenge in catching up if a company is behind on API governance,” Lutz noted, “is usually around understanding exactly what the API is doing, keeping documentation accurate and up to date, and ensuring existing APIs are properly configured in accordance with documentation and security standards.” Inadequate focus on documentation was a concern for 13% of Salt’s respondents.
…
For the most part, APIs do not pose unique security risks. Thus, “security controls employed in many other contexts help in securing APIs as well,” noted Shreve.
Insight Industries + Practices
Firm Events
2025 Mid-Atlantic Health Care IT Forum
November 19, 2025 | 3:30 PM – 7:00 PM ET
Troutman Pepper Locke Philadelphia Office – Philadelphia Conference Center
31st Floor, 3000 Two Logan Square, Philadelphia, PA 19103, Eighteenth and Arch Streets
Sponsored Events
2025 ACG Deal Crawl
November 19 – 20, 2025
JW Marriott Charlotte
600 S College Street, Charlotte, NC 28202
Speaking Engagements
Restructuring in the Age of Artificial Intelligence
November 17, 2025 | 1:30 PM – 2:30 PM ET
Offices of CohnReznick
New York, NY
Speaking Engagements
ACG NY’s Middle Market Week Deal Day
November 17, 2025 | 12:00 PM – 8:00 PM ET
Metropolitan Club of New York
1 East 60th Street, New York, NY 10022