Adapting to a changing landscape

By Pieter Danhieux, Chief Executive Officer, Chairman, and Co-Founder, Secure Code Warrior

Cybersecurity predictions are somewhat of a tradition in the industry, as Secure Code Warrior look towards the year to come and see what may lie ahead in a field that can have many changes, sharing predictions below around what developers should be prioritizing in 2021 and the imminent cyber threats posed by the online shopping landscape.

What developers should be prioritizing in 2021 to adapt to a changing landscape.

This year we've seen technology adoption skyrocket as businesses across the globe went remote to ensure business continuity. As IT departments grappled with how to secure their dispersed workplaces, cybercriminals continued to scan for vulnerabilities, leading to a spike in the number of data breaches. While cybersecurity may have cemented its place as a top priority for business leaders, there's still tipped to be at least one zero-day exploit per day by 2021, meaning there is an urgent need for developers to create code that is not only functional but also secure from the outset.

For years, industry leaders have sought to "shift left", but this isn't enough-we need to start left and embed security right at the code level to drive more positive outcomes. While the decision to shift to a DevSecOps program needs to come from the top, developers in the trenches should be security-aware and their organizations should enable a secure coding mindset. This will not only elevate the business' security posture but more importantly, it will prevent recurring vulnerabilities from infiltrating their software development lifecycle from the very beginning.

For this, continuous learning through the right tools and knowledge is essential. Developers need to actively upskill, build their knowledge and engage in professional development opportunities to enhance their secure coding prowess. It's the only efficient and long-term solution to significantly reducing the number of security bugs that have been and continue to be, responsible for allowing attackers in through the back door.

Retail Red Flags - what to look out for in 2021?

The retail industry has always been a high-profile target for cybercriminals. As retailers move to digital-first operations and manage greater volumes of customer data, they have turned into "easy" gold mines for attackers.

With this heightened risk and the proliferation of online shopping, retailers' IT and security departments need to ramp up efforts to place security at the forefront of all operations and ultimately make websites and applications secure from the start. There is simply too much at risk to fall down here when over eight in 10 customers say they'd stop engaging with a brand that was involved in a data breach. Retailers of all sizes must be on the front foot with their cybersecurity efforts, and a security-first mindset can ensure their online properties are near impossible for attackers to shake and break-ultimately safeguarding their brand.

##

About the Author

Pieter Danhieux is a globally recognized security expert, with over 12 years’ experience as a security consultant and 8 years as a Principal Instructor for SANS teaching offensive techniques on how to target and assess organizations, systems and individuals for security weaknesses. In 2016, he was recognized as one of the Coolest Tech people in Australia (Business Insider), awarded Cyber Security Professional of the Year (AISA - Australian Information Security Association) and holds GSE, CISSP, GCIH, GCFA, GSEC, GPEN, GWAPT, GCIA certifications.