�
PREDICTIVE
INTELLIGENCE
Technologists need a new approach to application security to manage a rapidly expanding attack surface
Joe Byrne , CTO Advisor , Cisco AppDynamics , discusses why integrating application security into Digital Transformation programmes is key and why this should be recognised as the foundation for sustainable and accelerated innovation . pplication security
A has become a major concern for organisations over the last two years . Rapid Digital Transformation to meet constantly changing customer needs and enable hybrid work has meant a dramatic increase in release velocity . But application security simply hasn ’ t kept pace .
In recent research from Cisco AppDynamics , The shift to a security approach for the full application stack , all surveyed technologists from the United Arab Emirates ( UAE ) admit that rapid innovation during the pandemic has come at the expense of robust application security . And there is now widespread concern that applications are increasingly vulnerable to new and emerging cybersecurity threats .
With widespread adoption of multicloud environments , application components increasingly run on a mix of platforms and on-premise databases , expanding attack surfaces considerably . This is leaving major visibility gaps for IT teams and increasing the risk of a security event , the consequences of which are potentially catastrophic – service disruption and outages which can result in poor customer experience , reputational damage and lost revenue .
The move to cloud-native technologies has highlighted the limitations of traditional approaches to application security , where security has often been overlooked until the very end of the production pipeline and there has been very little collaboration between developer and security teams . It has also exposed the shortcomings of siloed security solutions which make it impossible for technologists to cut through data noise to identify security issues which pose the greatest risk to customers and the business .
In order to address this growing challenge , IT departments need to take a security approach to the full application stack , leveraging the power of automation and Artificial Intelligence ( AI ) and integrating security at every stage of the application life cycle from the very outset .
Cloud-native technologies have dramatically expanded attack surfaces
The research finds that 95 % of UAE organisations have experienced an expansion in their attack surfaces over the last two years and 49 % state that this is already presenting challenges .
Technologists cite a number of factors that have triggered this expansion in attack surfaces , the most prominent being the increased use of Internet-of- Things ( IoT ) and connected devices within their organisation . New hybrid working models have also served to expand attack surfaces .
In addition , rapid cloud adoption and the shift towards microservice-based application architectures are exposing applications to new and more varied vulnerabilities . The sheer volume of applications , spread across multiple entities , has made monitoring security throughout the DevOps pipeline extremely challenging .
IT teams are becoming overwhelmed by soaring complexity
Unfortunately , most IT teams currently don ’ t have the right level of visibility into these enlarged attack surfaces to identify and address vulnerabilities . A large proportion ( 81 %) of technologists across the Emirates report that their current security solutions work well in silos but not together , meaning that they can ’ t
Joe Byrne , CTO Advisor , Cisco AppDynamics www . intelligentciso . com
33