Businesses Sacrifice Security To Get Apps Released Faster

  /     /     /  
Publicated : 22/11/2024   Category : security


Businesses Sacrifice Security To Get Apps Released Faster


As the app economy continues to drive change in IT security, businesses struggle to meet customer demands while keeping their data secure.



Strong security is essential in an application-centric world, but new research shows businesses are sacrificing security in order to improve speed-to-market for their app offerings.
This was one of the findings discovered in a new report,
The Security Imperative: Driving Business Growth In The App Economy
, conducted by Coleman Parkes and commissioned by CA Technologies.
Researchers surveyed 1,770 senior business and IT executives, including more than 100 CSOs and CISOs, to investigate how their security operations affect business performance. 
Results indicate businesses view IT security as a business enabler but struggle to deliver stronger protection under the pressure of the app economy. Sixty-eight percent of respondents admit they compromise on security to get apps to market faster.
This is a tremendous risk. Managing user identities across thousands of apps, systems, devices, and platforms requires organizations to increase the complexity of their security practices, not cut corners. 
The app economy is creating
new cybersecurity challenges
for IT leaders operating in a multi-channel, multi-platform world. Customers expect rapid and secure experiences from any device, and will take their business elsewhere if security is burdensome or data is jeopardized. 
The rise of mobile and cloud has opened up new opportunities to drive the app economy, explains Nick Nikols, SVP and CTO for cybersecurity at CA Technologies. However, it also changes the security dynamic. What happens to traditional security approaches, like hiding behind a firewall, when data can be located anywhere?
How do you secure something that is much more out there, and not entirely under your control as much as it once was? says Nikols of protecting cloud-based data. When information can be stored anywhere, businesses cant rely on traditional approaches to security.
Its time for businesses to think outside these approaches as they pursue new opportunities in this environment.
You cant define a rigid perimeter and put defenses outside the perimeter, he continues. You cant think of everyone on the outside as being bad and everyone on the inside as being good.
This is where identity-centric security comes into play. We need something in addition to network security and endpoint security, says Nikols. We need a more logical understanding of the nature of the [user] relationship.
The identity-centric approach uses behavioral analytics and predictive strategies to ensure identities are valid without sacrificing the customer experience. Its a more dynamic approach to security, Nikols explains. Risk is assessed via user behavior, and people may be asked for additional proof of ID to ensure they are who they claim to be.
However, he notes its difficult to improve app security when the competition to deliver is fierce. People are starting to recognize the need [for greater security], but were quick to move to delivering new services and treat security as an afterthought, Nikols says.
As the app economy and its related challenges continue to evolve, how can businesses boost security while maintaining a strong customer or user experience?
Nikols advises creating a closer relationship between the DevOps and security teams so security is integrated into the development process and not tacked onto the end. If the security team is solely focused on hardening the perimeter or checking for vulnerabilities, their skills arent being used to integrate security into the app.
If the security team isnt part of the development process, he continues, the overall rollout is delayed or the app is exposed to greater risk. Refusing to bring the two teams together will cause challenges.
If we make [security] part and parcel of the DevOps process, it can help to actually save time, he says. The app will be secure from the get-go, and you wont have to spend time securing an app you already built.
Many businesses have begun to use external business metrics to measure the effectiveness of IT security. These include factors like employee productivity, employee recruitment and retention, competitive differentiation, digital reach, and business growth.  
Related Content:
BSIMM Shows Secure Software Development Making Inroads
Fear & Loathing In The Cloud
A Twist On The Cyber Kill Chain: Defending Against A JavaScript Malware Attack

Last News

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Businesses Sacrifice Security To Get Apps Released Faster