Doug Bonderud is a freelance writer passionate about the evolution of technology and its impact on companies, stakeholders and end-users alike. Want to know more? Follow Doug on Twitter.
- How AppSec Fits into an Information Security ProgramJanuary 28, 2016 | Intro to AppSec
Want a better information security program? Most companies do and are willing to spend big money on safeguarding critical systems. As noted by Infosecurity Magazine, Allied Market Research predicts huge growth in the hardware encryption market, with a CAGR of more than 50 percent and a net value of almost $300 billion by 2020. But locking… READ MORE
Stay up to date on Application Security
Effective application security — AppSec — isn't easy. As noted by eWeek, payment apps on both iOS and Android devices lack not only encryption but are at risk of tampering, which "could potentially enable an attacker to reroute funds." Despite the challenge of tracking down and securing vulnerabilities, however, many companies have taken on… READ MORE
How much should an organization spend on application security? Cybersecurity experts are often willing to break budgets when it comes to protecting critical applications, arguing that prevention is worth millions in cure. Meanwhile, C-suite executives are often less convinced by this kind of proactive thinking, instead opting to spend on AppSec only when demonstrable threats are on the horizon.… READ MORE
Banks are investing big in cybersecurity. According to Lexology, HSBC has earmarked $1 billion for cybersecurity enhancements, while JPMorgan Chase has doubled down on spending with plans to hit $500 million by the end of 2015. Even financial institutions that aren't actively ramping up their resources are busy backing startups they hope will provide the next generation of cybersecurity. All this… READ MORE
Chief information security officers (CISOs) are under fire. According to Bloomberg BNA, both CISOs and chief information officers (CIOs) are now at risk of being named in post-breach lawsuits because these executives, "by dint of their role and purported experience, assume a fiduciary duty to the shareholders." In response, both the ideal candidates and CISO job descriptions are changing; a… READ MORE
Discussions of cybersecurity are making their way into boardrooms — but that doesn't mean C-suite executives are fully up-to-date on threats, vulnerabilities and remediation techniques. As noted by The Wall Street Journal, just 11 percent of board members surveyed in a recent National Association of Corporate Directors study claimed a "high level" of knowledge about cybersecurity best practices.… READ MORE
- Providing Business Value: The Secret Skill Set of Next-Gen CISOs?October 20, 2015 | Managing AppSec
What skills do chief information security officers (CISOs) need to succeed? At first glance the answer seems obvious — the job title suggests a focus on safeguarding data and ensuring that corporate networks are kept safe from malicious attackers. But as noted by a new Forrester report, "Evolve To Become the 2018 CISO or Face Extinction," there's significant change going on behind closed doors as… READ MORE
- Cybersecurity in Manufacturing: Fact or Fabrication?October 19, 2015 | Security News
Manufacturers face a significant challenge when it comes to cybersecurity. Along with the task of protecting internal network systems and trade secrets, IT professionals are also on the hook to develop defensible architecture for any Internet-enabled technology they develop and deploy. The result? Cybersecurity in manufacturing is often more fabrication than fact. According to Veracode's recent "… READ MORE
- The Security Challenges Gap: Builders vs. Defenders
Software builders and developers just can't agree. That's the takeaway from a recent SANS white paper, entitled "2015 State of Application Security: Closing The Gap." The report found that while software creators and security experts both identified three top security challenges, these challenges were completely different. In an IT world informed by rapid technology development and rapidly… READ MORE
In many organizations, IT security and development teams have very different mandates. For example, according to the SANS Institute's 2015 State of Application Security: Closing the Gap, while software builders focus on lowering their time to market and feature lists, application defenders worry about fully identifying all apps in their corporate portfolios to effectively address security issues… READ MORE
Application Security Tool Kit
Love to learn about Application Security?
Get all the latest news, tips and articles delivered right to your inbox.
No thanks, back to the article please.