According to National Cybersecurity Awareness Month (NCSAM), “If everyone does their part – implementing stronger security practices, raising community awareness, educating vulnerable audiences or training employees—our interconnected world will be safer and more resilient for everyone.”
To create a more secure and interconnected world, we need to unite teams to achieve software excellence. In this way, application security in 2020 is about changing the culture of technology and finding a more unified vision of responsibility.
Business demand for applications is not slowing down, and organizations are under increasing pressure to deliver them quickly and securely. The DevOps movement has helped accelerate the delivery of software, but security is still often seen as a barrier to innovation and speed. While many development teams today acknowledge the inherent value of application security testing, they simply cannot afford to take time away from software delivery to deal with security vulnerabilities, and security teams simply can’t keep up with their timeframes.
What does this look like in real-world terms? Development teams are flooded with piles of security scanning tool alerts and can’t take the time to pinpoint which ones are critical and which ones are less important. Truly shared security responsibility involves both cultural and technological shifts.