To gather insights on the state of application and data security, we spoke with 19 executives who are involved in application and data security for their clients. Here’s what they told us when we asked them, “What are some real world problems being solved by securing applications and data?”
- The problems that are solved are those that are never seen – hacks that never happen. Application security stops financial disasters at the Federal Reserve and the IMF. Others enable communications for national defense. Software is eating the world. There are huge efficiencies being driven but these are open to new attacks with everything being on a computer. The potential cost to the reputation of a firm is billions of dollars.
- We’re not solving the problems. They keep cropping up with OPM, DNC, and Clinton email breaches. We do not have proper application based security.
- PCI implementation. While this can be daunting, it’s mostly scare tactics versus providing clients guidance the way we do. If you’re level four you answer 200 questions and have a firewall. Level one is more but those companies can hire a qualified security associate. OWASP 10, common sense, education – freelance analyst needed to document what they were doing with the data to keep the customers’ information safe.