December 9, 2011
By Alyson Behr
Software developers will play a greater role in ensuring enterprise security in 2012. Enterprise IT departments are no longer the only folks on the hook for locking down corporate networks.
Richard Clarke, former chief counter-terrorism advisor to the president and author of the book “Cyber War,” said that the threat landscape is changing. The actors are varied in their trade and more innovative. He pointed out that criminals are becoming very talented at breaching networks through Web and third-party applications. The advent of the cloud and its inherent multiple environments can leave backdoors unintentionally open, making them even more enticing.
This means that software development managers must begin testing their applications as thoroughly as IT tests its security infrastructure. These changes, along with the ramifications of impending government legislation, will significantly affect how developers look at application testing.
In a recent industry vendor-hosted webinar, Clarke, who has 19 years' experience in the Pentagon, the White House and the State Department, called 2011 “The Year of the Breach.” Stories of attacks flooded the news. He described them as being tossed into the media melting pot and spit out as if they were all one type of attack or from one attacker.