Cyber security has been a necessity since the dawn of the internet, but as business technologies continue to evolve, so do the threats.
Intelligence agency GCHQ has officially opened the National Cyber Security Centre as part of a £1.9 billion five-year strategy aimed at protecting the nation from cyber-attacks. The centre aims to make the UK the hardest target for hackers to protect itself against foreign and domestic cyber-attacks, especially those aimed at essential utilities, such as the electricity supply.
The evolution of the Internet of Things may be making everyday life more convenient, but it’s increasing the amount of security needed to ensure users are safe from online attacks. As IoT continues to grow, the risks continue, and range from theft of personal and financial information to hacking of public utilities. According to Evans Data, the high security requirements needed by industrial level IoT is the number 1 concern for nearly half (49.1%) of developers, further suggesting its importance.
Cyber-attacks on corporate assets have been on the rise, and in the past 3 months, the National Cyber Security Centre has revealed there were 188 category two or three cyber-attacks. These attacks usually involve hundreds of thousands of phishing emails sent to government departments and businesses. With the UK being one of the most digital dependent economies, and comprising a digital sector worth £118 billion annually, there’s a lot at stake.
A solid defence against cyber-attacks is essential for all businesses and the best protection starts with secure development. Software developers can create the front line of any digital business’ defence if they have a mind-set for security.
By focusing on quality assurance, testing and thorough reviews of code, businesses of all sizes can develop their security and brace themselves against attacks. Even cyber-attacks on small businesses are on the rise. Throughout 2015 the Government Security Breaches Survey found that 74% of small businesses had reported a security breach, showing that no-one is safe.
With this stark increase, it’s clear that businesses should not just be relying on security by obscurity. Application security testing should be the best practice throughout all companies, especially when personal user data is at stake. Developing methods to plug all of the security gaps is a big job and will require support from both software and users alike.
Running programs to take a look through an application’s code and servers can help identify obvious gaps. However, this process may overlook the human element to hacking leaving your product wide open to security attacks from more creative hackers. Though hacking is clearly disruptive, there are companies who employ ‘White Hat Hackers’ to uncover potential security vulnerabilities that may have been overlooked by more traditional methods.
However, one issue that is hindering security throughout software development is a limited talent pool. Currently retaining security-focused development talent is tough with New Statesmen reporting on stats claiming that 73% were looking for new work or open to ideas. Unfortunately, as talent retention is becoming increasingly more difficult the security behind software development is often found to be lagging behind the industry standard, as developers struggle to keep up with new threats.
With reputational damage, government fines and consumer details all potentially at risk, software developers have a lot to lose. By promoting standards that put security at the forefront of all developments and supporting secure coding practices, software development as a whole could swiftly lead to more secure products. Combined with a DevOps approach, software development companies could find themselves able to make immediate security improvements to live products via consistent updates.
Looking for a new role in cyber security in Belgium, Netherlands or The Nordics region? Email firstname.lastname@example.org.