Cyberthreats Are Still on the Rise, and Most Enterprises Are Overwhelmed
Almost across the board, research indicates that cyberthreats are still escalating—and the U.S. is the number one country targeted in cyberattacks [1]. Recent breaches that occurred through unexpected means, such as the theft of hoteliers’ customer loyalty-program records, underscore the seriousness of the threat — and the sophistication and wiliness of attackers. From an economic perspective,…
Category: Security
Application Security: Designing the Process
By Dennis Hurst
As a specialist in application security (AppSec), one of the concerns I frequently hear from organizational stakeholders seeking to better secure their applications is, “How do we go about it?” Increasingly, corporate decision makers recognize that they should apply AppSec best practices to their development and testing processes or face the odds…
Lessons from the Equifax Hack: Be Careful; You May Be Living in a Glass House.
By Dennis Hurst
In mid-September 2017, when Equifax announced a massive data breach had compromised nearly 150 million consumer records, criticism for the debacle was rapid and substantial. The news media and security experts immediately condemned Equifax for the breach, stating that an organization trusted by consumers to maintain confidential, personal information should have had…
Security: The New Imperative in Software Development
Discussions regarding the importance of software security are nothing new. However, given the escalation in both the number and intensity of cyberattacks, and the fact that even decade-old vulnerabilities are still being exploited, the importance of security has never been greater. For application developers, the stakes are especially high. According to research firm Gartner, nearly…
Integrating Application Scanning into your Agile SDLC
In his blog post, Application Security: Can we Achieve it?, Dennis Hurst outlines why application security is so important. Many of the problem drivers and the impacts to the organization are laid plain. Hurst also lays out a few “broad strokes” to begin approaching a resolution. In this post, I want to discuss some of…
Application Security: Can We Achieve It?
According to market researcher ReportsnReports, North America is the largest market for security testing services, which are estimated to be $4.96 billion by 2019. So, why are 90 percent of security incidents (per the U.S. Department of Homeland Security) caused by exploits against defects in software? It’s no secret to most software professionals that poor…
Solving the Challenge of Data Security in Development and Testing
Data breaches are becoming impossible to escape. They occur in every business sector and in companies of all sizes. Juniper Research estimates that the average cost of a single data breach will exceed $150 million by 2020, with the global exposure exceeding $2 trillion by 2019. Yet, many organizations still struggle to secure their production…
A Look at Today’s Cyber Security Threats
Understanding the link between information security awareness training & today’s cyber environment
The strength of being human is our ability as a species to adapt to our environment. Over the course of a lifetime, we humans will experience many different environments and our ability to understand and recognize the threats within an environment successfully dictates whether…
A Tale of Two Sites…
As a software quality assurance professional with over 15 years’ experience in the field, I was initially shocked by the technical problems with healthcare.gov. I’ve devoted a large portion of my professional career towards ensuring that things like this never happen to my customers! However, after much thought, I realized that the ramifications of bad…