
AppSec New Year’s Resolutions

Each year, by the time the calendar changes to February, many people’s interest in maintaining the New Year’s resolutions they made in early January has started to wane. While increasing work-life balance, eating healthier and losing weight frequently make the resolutions list, what about resolutions to help safeguard data?

In 2018, massive data breaches made an impact at companies like Facebook, Marriott Starwood, Panera Bread and more, exposing millions of records that contained sensitive personal data. Specifically, the number of data records exposed through breached applications more than doubled, from 197.6 million in 2017 to 446.5 million last year.

Given the growing threats and incidents of breaches, the importance of securing applications cannot be overstated. Despite the headlines and increased awareness, most companies fail to test, secure and remediate applications.

To encourage security best practices, here are three resolutions organizations should make and keep for 2019:

1. Resolve to put cybersecurity first

Starting today, make cybersecurity a top priority throughout the organization. To properly manage risk, identify the greatest threats to the organization and prioritize time and attention on those first.

In a digital economy, applications are the foundation of business, and protecting them should be priority number one. However, application security is often overlooked. In fact, the 2018 WhiteHat Security Statistics Report confirmed that the security of applications, which are the biggest target for data breaches, has progressively deteriorated year over year.

Therefore, begin by identifying, prioritizing and managing risks relative to the potential impact on mission-critical operations. This way, organizations can balance security needs against cost considerations, and design an enterprise solution that secures its people, facilities, processes and technologies.

2. Resolve to be proactive

“An ounce of prevention is worth a pound of cure.” As the saying goes, being proactive and building with security in mind may take a bit more time or cost more, but it’s a strategic investment to prevent damage to reputation and loss of customer trust, both of which negatively impact the business.

To start, think like a hacker and hack yourself first. Don’t wait to remediate vulnerabilities – ensure all patches are made efficiently, no matter how small the possible damage might be.

Invest in security specialists like WhiteHat Security to meet enterprise-level compliance standards. This will cover many aspects of security vulnerability, including but not limited to the OWASP Top 10.

3. Resolve to train developers

Training all employees in security best practices is essential. This includes the basics, such as reviewing code for security vulnerabilities, application security testing and integrating security in the software lifecycle. These practices go a long way in ensuring the business remains safeguarded.

Moreover, training developers to integrate security in daily development practices is vital. The key is providing employees with a strong foundation that helps them be successful in upholding the company’s cybersecurity. Incorporate training and mentoring programs in the workplace.

The WhiteHat Certified Secure Developer (WCSD) Program, which is free of charge and gives developers an essential jumpstart into understanding app security at a deep technical level, is a great resource to get started.

Using these three security suggestions will put an organization on a path to stronger security in 2019. Resolve to put cybersecurity first, be proactive about addressing vulnerabilities and train employees to be part of the effort. These practices, along with support from security specialists like WhiteHat Security, will see your data security resolutions through to the end of the year.