Skip to main content
The software landscape is maturing security.
September 21, 2016

Security Grows Up

The technology landscape has changed and evolved to the point where old security tactics are no longer sufficient. In the same way that the tactics you use to keep your kids safe when they’re babies become ineffective, and actually detrimental to them, as they grow – sticking with old IT security tactics will not only leave you insecure, but will also hold back innovation, and your organization’s potential.

From Blocking to Preparing

It’s simpler to keep your kids safe when they’re babies. Parents of infants and young children control everything – who the children see, where they go, what they watch and what they eat. But as those babies grow up, and their worlds expand, you can’t control everywhere they go, everything they do and everyone they see. Your tactics need to change. You can’t put up a wall around them (sadly!), but you can prepare them to be as safe as possible in their expanding world. You teach them about personal safety, healthy habits and smart decision-making. You get them immunized, cook them healthy food, buy them warm clothes – and send them off. You want to block all the bad stuff from their path, but you can’t. Ultimately, you have to prepare them to face the bad stuff, and give them the tools they need to make the right decisions.

Software Is a Game Changer

Technology has “grown up” too. It used to be simpler to protect, but software changed the game. Apps are ubiquitous, produced at a lightning pace, introduced into your organization by various departments and individuals, and permeate every nook and cranny of your organization. These characteristics allow organizations to grow and innovate like never before, but also require them to think about security differently – putting up walls or slowing development to a crawl with cumbersome testing won’t cut it anymore; new defenses are required. Today, we need to prepare the targets themselves to face the bad guys, rather than holding them back or surrounding them.

For instance, new security methods and solutions designed for today’s technology environment include:

  • Developer eLearning to instill secure coding practices and avoid introducing vulnerabilities into code in the first place.
  • Solutions that integrate into the development process and assess applications during the development phase, to address vulnerabilities before they are released into production, without slowing down release cycles.
  • Runtime protection solutions that enable applications to “self-protect” by reconfiguring automatically, without human intervention, in response to certain conditions.

Kids growing up can be scary, and certainly involves increased risks. But the transition is ultimately a positive one, and creates unprecedented opportunities and experiences. Similarly, technology’s growth has increased security risk, but has also introduced numerous important advancements and innovations. Trying to put a wall around your applications at this point would be like trying to wall in your kids.

Stop using yesterday’s tactics for today’s problems. Get prepared for this new security reality with our CISO Kit for Application Security.

Suzanne is part of the content team at Veracode, working to create resources that shed light on AppSec problems and solutions. 

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.