From a very young age, I had always had a keen interest in technology. I always found myself wanting to work with computers over stereotypical games and toys marketed for young girls. Once I entered school age, I found myself naturally gravitating toward IT subjects. After finishing up college, I was unsure what exact career path I would venture down.
After securing my position with WhiteHat Security as a DAST Security Specialist, I knew instantly that this is what I wanted to do. Throughout my degree, I had learned how to develop applications from the back-end to the front-end. However, my program lacked an emphasis on security, and the best coding practices to protect against hackers were definitely not on the syllabus.
Having worked with WhiteHat for the past three years, I have learned so much. As a company, they have allowed me to expand on my skills, and they have consistently supported me to follow my interests.
One of the highlights of my time at the company included attending the Infosecurity Europe (InfoSec) conference this year. There were dozens of thought-provoking sessions on a variety of different topics in the cybersecurity space throughout each day of the event. Here were three of the top takeaways from my week at InfoSec this year:
There are a countless number of vendors in the space, but many have varying solutions on how to tackle cybercrime. To an outsider’s perspective, it can seem very competitive. Nevertheless, while new technology is being developed, the cybersecurity world is growing day by day, and the combination of a growing talent gap and expanding cyber threat landscape is causing more of a demand on vendors. Training employees to take precautions when identifying phishing attempts or similar attacks can only go so far.
The advancing number of acquisitions, including WhiteHat’s own acquisition by NTT Security, is a great way to witness how rapidly the cybersecurity world is growing. Moving forward, it’s apparent that the demand for security will continue to increase each year.
AI and machine learning have grown greatly over the years, and it’s changing the way that organizations work on a daily basis. These technologies have allowed years and years of data to collectively come together to provide an innovative service or product. As they have continuously grown, it has allowed data to be analyzed and compared to help determine vulnerabilities, and it will continue to shape the future of cybersecurity for years to come.
Securing software development during the lifecycle of an application allows developers to put in place the best practices to defend their own code. Unfortunately, there are many developers unaware of the importance of core security principles. As a result, they are willing to bypass this and find themselves regretting that negligence when a security breach occurs.
It’s time to take a bigger look at the benefits of what can be achieved when embracing DevSecOps, such as “cost reduction.” Detecting vulnerabilities during development will allow for quick remediation and ultimately increase product sales.
Overall, my experience at InfoSec 2019 exposed the latest innovations and products of many vendors. During the event, it was great to see many hot topic discussions, including Women in Cybersecurity, which further emphasized the importance of diversity in the field. The rapid growth in our industry has never been more apparent, and I’m excited for what lies ahead.