E R T N
P
X
E INIO
OP
Veracode
expert
discusses
technological
evolution in the
cyber industry
Paul Farrington, EMEA CTO at Veracode, discusses his
expectations for technology development this year and
how he predicts various technologies will be utilised
within the business environment for innovation.
W
We should expect elections to be
compromised
We’re in a time where we need to
assume election hacking is happening
across the globe until we can prove it
isn’t. There are plenty of reasons why
foreign nation states and big business
would want to influence election results,
and the incentives – both monetary and
power-based – are only going to grow.
From leveraging social media to creating
echo chambers that propagate certain
agendas, to planting surveillance
software on applications to monitor voter
behaviour, bad actors are finding more
and more ways to sway elections and it’s
going to take a lot of voter education and
awareness to outmanoeuvre them.
Our recent 2019 State of Software
Security report found the government
www.intelligentciso.com
|
Issue 23
Paul Farrington, EMEA
CTO at Veracode
and education sector has the highest
rate of security debt (unresolved
software flaws) among the industries
studied. Knowing this, all parties should
assume there is a significantly increased
risk of being targeted by attackers – and
take appropriate steps to limit a breach,
including addressing application flaws to
minimise the risk of an attack. 12 or fewer times per year, but this
decreases by 72% to 19 days when
applications scanned are scanned 260
or more times a year.
Reducing mounting security
debt will be paramount Leading development teams will
incentivise secure coding
One of the major reasons behind
successful cyberattacks is the ability to
exploit vulnerabilities in an application’s
code. When organisations don’t address
vulnerabilities, they leave themselves
wide open to attacks. Most organisations today acknowledge
that they could not do what they do, or
remain competitive without software.
The absence of security isn’t always
conspicuous until you are confronted
with the effects of being attacked.
This year, we’ll see companies looking
at ways to incentivise best-practice
security at every point in the software
delivery process.
Our 2019 State of Software Security
report found the median time to fix flaws
is 68 days for applications scanned
This year, reducing cybersecurity debt
by introducing more frequent scanning
of code at regular intervals should be a
focus for any organisation.
41