siliconindia | | JUNE - 20238Does the ever-growing risk of cyber threats bother you? Did you notice how some of the major banks, airlines, hotel groups, social media giants, telecom companies, oil and gas companies, were all victims over time? Did you wonder if your company will be next? Or are you already a victim even after all the spending on security, and wondering what did you not do to prevent it? Then read on.Where is the chink in your armor?Almost all these victim companies have some good security budget that increases every year. They spend a lot of money to deploy the typical security controls (firewalls, IDS/IPS, Secure Content Management, anti-malwares, SIEM solutions, etc.). Yet attackers find a way in. How?The answer is simple. Hackers always try unconventional multi-vector attack techniques. So, while companies kept spending more and more money on traditional defensive measures, the hackers turned their attention to other not-so-secure assets.Today's businesses are run by their applications. These applications are not limited to secure data centers anymore. They are on cloud, on our mobile phones, in our watches, and even microwaves and doorbells. Most of these applications use personal and business-sensitive data. These data can sell for millions of dollars in the online black market and is the main motivation behind hackers to steal these data. Yet, to operate as expected these applications need to have their ports open in the firewall and allow traffic through the perimeter defenses. The hackers have thus started preferring this path of least resistance, to gain access to corporate database. Sadly, these applications end up being the proverbial `chink in the armor' of an enterprise security program and are a major contributor to global data breaches and ransomware attacks.Your production applications are probably vulnerable.You are scanning your applications for OWASP top 10 vulnerabilities before they go to production, right? Is that enough?Throughout my career, I have seen several Fortune 500 companies struggling to get this right. Developers are always under immense pressure to deliver within a deadline. Speed to market is critical to maintaining a competitive edge. And right before a new feature can go live, comes this scan report with hundreds of security issues to fix. This is so late in the project timeline that even By Partho Banerjee, VP, Global Head of Application Security Architecture and Engineering, ChubbHOW TO COPE WITH TODAY'S EVER-EVOLVING CYBERTHREAT LANDSCAPEIN MYOPINION
< Page 7 | Page 9 >