Technology, culture, and process all have to change to ensure safe software is delivered faster. It’s a lot to tackle. But you don’t have to do it alone. The Secure Developer, a podcast from Snyk’s founder Guy Podjarny, just hit 100 episodes of thought-provoking conversations with security experts at a wide cross-section of companies.
With work-from-home now the default mode in most industries, organisations and employees now have to access and transfer files across home networks and personal devices on a daily basis. Naturally businesses are concerned as leaked files can have serious financial and legal repercussions.
Everyone wants to automate security. Traditionally, though, doing so has been challenging because setting up security automation tools required a specialized set of skills that no one engineer at a company possesses. It’s time to change this state of affairs by democratizing security automation. Here’s why and how.
IT workloads are increasingly moving to the cloud, changing the way organizations develop and deliver software. Deploying and running production systems is now separate from the hardware and network, infrastructure is defined through code, and operations are now part of cloud service APIs.
People make up an important part of an organization’s security posture. That’s because some employees have the rights necessary for accessing sensitive data as well as the privileges for viewing and/or editing critical systems. If those individuals have the right focus and training, they can play a crucial part in keeping those assets safe against digital attackers. But if they aren’t paying attention, they could do something that puts their employer at risk.
As insurance organizations look to attract and engage customers, the growing use of web applications has increased their cyber exposure and the risks of cyberattacks. In this benchmark study, we analyzed the attack surface of the top 10 insurers in Europe to highlight the common attack vectors and security weaknesses that could be exploited – from page creation method to vulnerable components – and our top tips for reducing web application security risks.
Don’t let myths undermine the security of financial software. We examine the seven myths and misconceptions found in FSI application security. It’s obvious why cyber criminals are drawn to the financial services industry (FSI). It’s the Willie Sutton logic updated: he robbed banks because “that’s where the money is.” But today it’s not just banks.
With more colleges and universities incorporating Software-as-a-Service (SaaS) platforms to support registrars, admissions, and financial aid offices, schools are collecting more electronic student information than ever before. Combine that with weak networks and systems, however, and the state of cybersecurity in higher education earns an F. Higher education needs to focus more efforts on protecting this information from cybercriminals.
More and more companies understand the benefits of cloud computing, which is making their migration to the cloud more rapid. Per IDG’s 2020 Cloud Computing Study, 81% of organizations said that they’ve migrated either one application or a portion of their infrastructure to the cloud. The reasons why a company would shift its services towards the cloud depend on its business priorities, of course.
