Open the pod bay doors, Siri...the evolution of th... » We've all had some sort of experience with an intelligent assistant. Whether it's Apple's Siri, Micr... Databarracks becomes a ‘Corporate Partner’ of th... » Disaster recovery service provider Databarracks, has become a ‘Corporate Partner’ of the Business Co... Sepura launches SC21 small hand-held smart radio » Cambridge:  Sepura recently unveiled the SC21 next-generation, high-performance small smart TETRA ha... SURVEY: 1 IN 2 BUYERS REQUIRE CSR IN PROCUREM... » Almost half of buyer documents (48 per cent) seen by electrotechnical businesses with turnover above... G4S Africa supports small business development thr... » The latest product in the G4S Deposita range is a smart safe system called mini-pay that holds up to... Commissioner's statement following incident in Man... » This is an utterly appalling attack. My thoughts are with the people of Manchester as they try to co... UPDATE: Policing events in the Capital » Following the horrific terrorist attack in Manchester last night, in which 22 people were killed and... Statement from Assistant Commissioner » Statement from Assistant Commissioner Mark Rowley, Head of National Counter Terrorism Policing: The... Met intensifies policing activities in London fol... » The Metropolitan Police Service (MPS) has increased police numbers and operations across the Capital... OF FOOLS OF THE MIDDLE BELT, ONE NORTH AND PASTORA... » Please visit also: SERIES: BUHARISM AND THE FIERCE URGENCY OF NOW A treat...



Viewpoints Header

Paul Curran, Content Specialist, Checkmarx looks at several major trends to provide insight on what the software security world will look like in 2020.

Society, having moved from an industrial age to the birth of the internet is now truly an era where software has become the most critical aspect of our modern world. In earlier times, manufactured products left the factory with just a single purpose, now, through updates via the internet, products evolve or play host to the 4.5 million apps available on platforms from Google, Apple and Microsoft. From national infrastructure to banking and even the cars we drive, software is vital for our health, safety and wellbeing.

Rise of IoT makes software assurance more vital

With analysts suggesting that there will be 50bn Internet of Things devices in use by 2020, the current playbook for IoT development is still immature. As witnessed by recent distributed denial of service attacks that hijacked smartphones and a range of vulnerabilities in consumer electronic devices, there is not enough attention being paid to securing IoT devices. There is a palpable fear that a major category of IoT products embedded within a life-critical application such as health, CNI or automotive is vulnerable to a major attack through negligence in software security.

IoT security will be enhanced

Over the next few years, Industry groups and regulatory framework within automotive (Misra) and healthcare (HIPPA) backed by governmental agencies are likely to expand their role in ensuring that the software embedded with IoT devices adheres to the agreed level of security and compliance. Organisations and especially device vendors need to plan for this change and start considering how to build a secure software development cycle.

AR VR Risks

VR and AR will likely reach mass market in 2017 and as a result, developers will be racing to build software for emerging platforms like Oculus and Microsoft Hololens. During this rush, proper application security practices may not be properly adhered to introducing vulnerabilities to the end user which, when exploited, may have access to the users' camera, microphone, and in some cases even spatial mappings of their environments.

Secure Development Skills Shortage

The lack of secure development awareness centres on the skill shortage that organisations are facing. The situation is getting worse according to Symantec CEO Michael Brown, "In 2015, more than 200,000 cybersecurity job positions went unfilled, a shortfall that is on track to increase to 1.5 million by 2019.” To address this issue, the industry needs to stop applying a bandage and start treating the patient which means dealing with the underlying problem of poor security within software code. Developers will become more empowered and receive the right training and tools to deliver software that has less vulnerabilities. By 2020, we will see more universities introduce secure development courses and developers will be measured not just on the functionality and the speed of app delivery but also how secure their code is in relation to measureable standards.

About the author

With a background in mobile applications, Paul brings a passion for creativity reporting on application security trends, news and security issues facing developers, organizations and end users to Checkmarx's content.