sb-eu logo
Story image

Building digital trust in 2018: Security predictions from CA Technologies

17 Jan 2018

Article by CA Technologies president and GM for APJ, Martin Mackay.

As technologies such as mobile devices, cloud, social media, and IoT become increasingly pervasive, they bring about more opportunities for organizations to expand, innovate, and optimize.  Underpinning the successful deployment of these innovations is digital trust, the primary currency of today’s modern enterprises.

On the other hand, new technologies materially increase the threat of cyberattacks and data breaches. Security incidents are seemingly becoming more and more commonplace today. Over the last few years, many companies, of various sizes, have experienced major data leaks. Clearly, security threats are increasing and it is becoming a challenge to keep up.

Security can no longer be an afterthought

In today’s security environment, it is critically important for security to be integrated seamlessly throughout the whole software development lifecycle. A “bolt-on” approach to security is not only inadequate, but might also cause immense, irreparable damage to an organization’s operations and reputation. However, historically, developers have not been overly concerned with the security of an application; their focus has been on functionality. 

Fortunately, businesses are realizing that protecting their apps after the code is written is a reactive approach that is simply –  too little, too late. In fact, a recent study conducted by CA’s Veracode found that 62% of IT pros felt app security was very important to their development team. The same study also uncovered that 43% of IT pros stated that fixing flaws during development is easier than patching.

DevSecOps gaining traction in the new year

The integration of Development and Operations – DevOps – is gaining widespread traction.  The evolution of this concept is DevSecOps – Development – Security – Operations where security is integrated into all processes.  Given the critical nature of establishing and maintaining digital trust for all organizations, we see DevSecOps gaining increasing visibility this in 2018.  

The basic principles of DevSecOps are built upon the idea that security is critical throughout the entire software development lifecycle and everyone in the software development lifecycle is responsible for security.  Companies that embrace DevSecOps deliver better and more secure software because of the focus on collaboration and alignment across disciplines.

Enterprises are realizing that the key to success is the customer experience and without digital trust – security – the customer experience is potentially catastrophic.  

The only way to deliver that experience is to ensure app security; the optimal way to ensure app security is to automatically scan code for vulnerabilities starting from development, through production, and continuing through deployment. This is one of the most effective ways to minimize risk and protect applications—and the business—from cyber incidents and massive data breach.

Identity-centric approach – the new face of security

At the same time, due to the convergence of cloud, mobile, IoT and the demand for always-on access, enterprises are becoming highly distributed digital enterprises that house web and mobile apps on-premises, in the cloud or in hybrid environments while user access requests can come from a broad spectrum of locations and devices.

As a result, the archaic approach to security where network perimeter controls user access simply cannot keep up with current demands. Now, people and things are the new perimeter, and their identities are the single unifying control point across all devices, apps and data. With the cost of identity fraud rising to $16 billion, verifying and securing user identities are more important than ever.

An Identity-centric security, which comprises of multi-factor advanced authentication and identity management, reduces risk by employing trusted-user management. This enables businesses to verify all access to critical assets and resources while reducing the risk of insider threats. It allows companies to take an enablement-focused approach that first and foremost protects the business, but also facilitates growth and innovation.

In today’s application economy, security no longer represents just a digital assets custodian, it is a critical business enabler. The right enterprise security can give an organization’s employees, partners and customers the seamless, consistent access they need to be more productive, flexible and innovative.

And, doing so while protecting the business from internal and external threats is how modern enterprises can engender the kind of trust that keeps customers coming back.

Story image
Vectra expands NDR capabilities across all network environments
Vectra’s network threat detection and response (NDR) solution is designed to use cloud identities that track and link attacker activities and progression across all networks.More
Story image
Trend Micro launches cloud native security solution for modern applications and APIs
“Application security is an invaluable part of the Cloud One platform, integrating technology to provide superior protection for customers deploying applications wherever it makes the most sense for them."More
Story image
Businesses can save on the hefty cost of a security breach if they're honest
SMBs and enterprises that disclose breaches proactively tend to experience 40% less financial damage, according to new research from Kaspersky. More
Story image
Kaspersky unveils two major update to its Transparency Initiative
The company has announced the opening of a new Transparency Center, as well as the ompletion of a widespread transferal of data storage and processing activities to Switzerland.More
Story image
Cyber-attackers target COVID-19 vaccine supply chain in sweeping phishing campaign
IBM’s Security X-Force, a task force created in the early days of the pandemic with an aim to combat cyber-attacks related to potential vaccines’ supply chains, released details on a coordinated effort to disrupt the COVID-19 ‘cold chain’.More
Story image
Digital transformation and cloud security top of mind for enterprise
In the era of the coronavirus pandemic, digital transformation and cloud security are the chart-topping topics enterprises want to know more about.More