Industry executives and experts share their predictions for 2021. Read them in this 13th annual VMblog.com series exclusive.
Adapting to a changing landscape
By Pieter Danhieux, Chief Executive Officer, Chairman, and Co-Founder, Secure Code Warrior
Cybersecurity predictions are something of a tradition in the industry. Secure Code Warrior is looking towards the year to come to see what may lie ahead in a field that can change a great deal, and shares predictions below on what developers should be prioritizing in 2021 and the imminent cyber threats posed by the online shopping landscape.
What developers should be prioritizing in 2021 to adapt to a changing landscape.
This year we've seen technology adoption skyrocket as businesses across the globe went remote to ensure business continuity. As IT departments grappled with how to secure their dispersed workplaces, cybercriminals continued to scan for vulnerabilities, leading to a spike in the number of data breaches. While cybersecurity may have cemented its place as a top priority for business leaders, it is still tipped that there will be at least one zero-day exploit per day by 2021, meaning there is an urgent need for developers to create code that is not only functional but also secure from the outset.
For years, industry leaders have sought to "shift left", but this isn't enough; we need to start left and embed security right at the code level to drive more positive outcomes. While the decision to shift to a DevSecOps program needs to come from the top, developers in the trenches should be security-aware and their organizations should enable a secure coding mindset. This will not only elevate the business's security posture but, more importantly, it will prevent recurring vulnerabilities from infiltrating their software development lifecycle from the very beginning.
For this, continuous learning through the right tools and knowledge is essential. Developers need to actively upskill, build their knowledge and engage in professional development opportunities to enhance their secure coding prowess. It's the only efficient and long-term solution to significantly reducing the number of security bugs that have been, and continue to be, responsible for allowing attackers in through the back door.
Retail Red Flags - what to look out for in 2021?
The retail industry has always been a high-profile target for cybercriminals. As retailers move to digital-first operations and manage greater volumes of customer data, they have turned into "easy" gold mines for attackers. With this heightened risk and the proliferation of online shopping, retailers' IT and security departments need to ramp up efforts to place security at the forefront of all operations and ultimately make websites and applications secure from the start. There is simply too much at risk to fall down here when over eight in 10 customers say they'd stop engaging with a brand that was involved in a data breach. Retailers of all sizes must be on the front foot with their cybersecurity efforts, and a security-first mindset can ensure their online properties are near impossible for attackers to shake and break, ultimately safeguarding their brand.
## About the Author
Pieter Danhieux is a globally recognized security expert, with over 12 years’ experience as a security consultant and 8 years as a Principal Instructor for SANS teaching offensive techniques on how to target and assess organizations, systems and individuals for security weaknesses. In 2016, he was recognized as one of the Coolest Tech people in Australia (Business Insider), awarded Cyber Security Professional of the Year (AISA - Australian Information Security Association) and holds GSE, CISSP, GCIH, GCFA, GSEC, GPEN, GWAPT, GCIA certifications.