Huawei and Commvault jointly launch the Hybrid C... » Huawei and Commvault have released their Hybrid Cloud Backup Solution at CeBIT 2017, currently takin... MOBOTIX brings innovation and partnerships to ISC ... » During ISC West from the 5th to 7th of April at Sands Expo in Las Vegas, NV, MOBOTIX (stand 16065), ... ST. MICHAEL'S OPENS DOORS WITH HELP FROM ERA » David Stapleton and Era’s Tania Tams with Mrs. Grundy and pupils at St Michael’s First School Vig... 17% growth ensures Nationwide Platforms remains wo... » Nationwide Platforms has once again retained its position as the world’s largest IPAF provider after... Le Pen Seeks Anti-terrorism Operations in Chad...B... » "Well, Marine Le Pen may be able to save France from abroad. But hold on for a minute, do you really... Synectics to showcase urban transport surveillance... » David AindowUrban transport networks are in danger of data overload. Guarding against emerging secur... TomTom Telematics collaborates with SOTI » TomTom Telematics has announced a collaboration with SOTI that will see the company’s popular flag... Dimension Data launches support and managed servic... » London, United Kingdom: Dimension Data has extended its current offering with Cisco Meraki. This inc... LOCKEN ANNOUNCES STRATEGIC COLLABORATION WITH ISEO » Leading developers of cable free access control, LOCKEN and ISEO Group, an Italian based designer,... Sopra Steria finds UK citizens want more secu... » London: Sopra Steria has revealed that UK citizens are keener than ever to use digital public servic...


Viewpoints Header

Paul Curran, Content Specialist, Checkmarx looks at several major trends to provide insight on what the software security world will look like in 2020.

Society, having moved from an industrial age to the birth of the internet is now truly an era where software has become the most critical aspect of our modern world. In earlier times, manufactured products left the factory with just a single purpose, now, through updates via the internet, products evolve or play host to the 4.5 million apps available on platforms from Google, Apple and Microsoft. From national infrastructure to banking and even the cars we drive, software is vital for our health, safety and wellbeing.

Rise of IoT makes software assurance more vital

With analysts suggesting that there will be 50bn Internet of Things devices in use by 2020, the current playbook for IoT development is still immature. As witnessed by recent distributed denial of service attacks that hijacked smartphones and a range of vulnerabilities in consumer electronic devices, there is not enough attention being paid to securing IoT devices. There is a palpable fear that a major category of IoT products embedded within a life-critical application such as health, CNI or automotive is vulnerable to a major attack through negligence in software security.

IoT security will be enhanced

Over the next few years, Industry groups and regulatory framework within automotive (Misra) and healthcare (HIPPA) backed by governmental agencies are likely to expand their role in ensuring that the software embedded with IoT devices adheres to the agreed level of security and compliance. Organisations and especially device vendors need to plan for this change and start considering how to build a secure software development cycle.

AR VR Risks

VR and AR will likely reach mass market in 2017 and as a result, developers will be racing to build software for emerging platforms like Oculus and Microsoft Hololens. During this rush, proper application security practices may not be properly adhered to introducing vulnerabilities to the end user which, when exploited, may have access to the users' camera, microphone, and in some cases even spatial mappings of their environments.

Secure Development Skills Shortage

The lack of secure development awareness centres on the skill shortage that organisations are facing. The situation is getting worse according to Symantec CEO Michael Brown, "In 2015, more than 200,000 cybersecurity job positions went unfilled, a shortfall that is on track to increase to 1.5 million by 2019.” To address this issue, the industry needs to stop applying a bandage and start treating the patient which means dealing with the underlying problem of poor security within software code. Developers will become more empowered and receive the right training and tools to deliver software that has less vulnerabilities. By 2020, we will see more universities introduce secure development courses and developers will be measured not just on the functionality and the speed of app delivery but also how secure their code is in relation to measureable standards.

About the author

With a background in mobile applications, Paul brings a passion for creativity reporting on application security trends, news and security issues facing developers, organizations and end users to Checkmarx's content.