DTX Manchester DTX Manchester
  • About Us
Sunday, 24 January, 2021
IT Security Guru
CTX Manchester 2020 banner ad
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Overcoming the Challenges of AppSec Programs in a Remote Working Environment

by The Gurus
July 20, 2020
in Guru's Picks, Opinions & Analysis
AppSec
Share on FacebookShare on Twitter

Patrick Carey, Director of Product Marketing at Synopsys

In the 2020 Verizon Data Breach Investigations Report (DBIR), it was found that 43% of data breaches are linked to application vulnerabilities; a number that has more than doubled in comparison to the year prior. Considering recent events, including the COVID-19 outbreak and the Black Lives Matter movement, this situation will likely deteriorate as cybercriminals are quick to take advantage of heightened emotions to further their own personal agenda. Indeed, the last few weeks have seen nothing but reports of an intensification in cyberattacks.

What’s more, social distancing guidelines and the downturn in our economy today have no doubt introduced a great strain on business continuity. Yet, despite the cutback on resources for many, application security teams are expected to continue creating and maintaining software that is safe from the hands of bad actors. This is, no doubt, an intimidating task for most. So, what can be done?

The cybersecurity skills gap has been a chronic issue within the industry, making it difficult to find an adept security professional even on a good day. Indeed, according to a report by ISC^2, nearly two-thirds of organisations reported a shortage in cybersecurity staff. Today, this has only been exacerbated as travel restrictions and office closures impede any skills from being realised.

In order to overcome this hurdle, businesses may wish to consider managed application security testing services. This can help in alleviating some of the burden from employees and instead, outsource it to remote teams of experts as and when necessary. With this flexibility, organisations can also benefit from cost-efficiency.

The second important step to take is in ensuring that the existing team of developers are offered proper training in cybersecurity. These individuals make up the frontlines of the software development cycle. Yet, according to Forrester research, out of 40 distinct university computer science programs across the United States, not one requires students to partake in secure coding or secure application design courses.

As such, organisations are responsible for teaching these skills to software development teams. Though social distancing may temporarily put a stop to in-person training sessions, the world of online courses and resources allows for distance learning to be possible. Indeed, eLearning is useful in enabling employees to carefully work through vast amounts of content at a speed that suits them. This can then be paired with video conferencing which provides employees with an opportunity to ask questions or run through specific training material.

Both of these solutions are helpful in tackling the human-factor of Application Security programmes. However, organisations will also need to assess safeguarding measures against vulnerabilities in the applications themselves. In many cases, this might simply be a question of applying perimeter defence mechanisms such as web application firewalls (WAFs). For other organisations operating online, however, more needs to be done as web or mobile applications are themselves the perimeter.

According to the 2020 Open Source Security & Risk Analysis (OSSRA) report, such applications typically run on a foundation of open source code, 91% of which are either outdated or have been abandoned altogether. If organisations hope to avoid a similar conclusion as that of the Equifax breach in 2017, special care needs to be given to understanding the ins and outs of any one line of code; including what open source components exist within it. Running an audit and subsequently conducting vulnerability scans can do wonders in preventing the exposure of sensitive data and systems.

By strategically assisting application development teams with external support, investing in their security skillset as well as choosing to be aware of one’s open source portfolio, organisations can succeed in building excellent and secure software. Working remotely no longer has to be a barrier in achieving this.

0 0 vote
Article Rating
FacebookTweetLinkedIn
Share6TweetShare
Previous Post

Israeli Water Systems Hit with Two More Cyberattacks

Next Post

Report Suggests UK is Russia’s ‘top target’

Subscribe
Notify of
guest
guest
0 Comments
Inline Feedbacks
View all comments

Recent News

banking

BTG+ implements Feedzai’s Artificial Intelligence solution

January 22, 2021
Cybersecurity Failure among Highest Risks, warns World Economic Forum

Cybersecurity Failure among Highest Risks, warns World Economic Forum

January 22, 2021
Small caution cone placed over the 'enter' key on a macbook keyboard.

The Top 5 Phishing Scams of 2020

January 22, 2021
Two gloved hands holding up a globe wearing a surgical mask

Fake COVID-19 Test Certificates Pose Risk to Air Travel

January 22, 2021

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

More information
wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply
Privacy Settings / PENDINGGDPR Compliance

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Accept