Predictions Series 2022: Crypto’s Role in Deciding Future of Application Security Solutions
Recent reports reveal how attackers are targeting gaps in application security frameworks. Each year, cyberattacks grow more sophisticated in the way perpetrators use technology to target their victims. 2021 was another challenging year for security teams, for many reasons. Applications continue to be rushed to production with too many vulnerabilities, despite the limited availability of resources, as the world embraces the hybrid workplace. With remote working becoming the norm, cybercriminals are attacking on all fronts.
To understand how the application security landscape is shaping in 2022, we have predictions from
Pravin, tell us what are the biggest challenges in application security facing organizations in 2022?
Pravin Madhani (PM): Even as attacks get more sophisticated, some of the worst breaches in 2022 are going to come from simpler, well-known vulnerability attack vectors.
We’ve seen well-known vulnerabilities continue to be exploited by attacks. It’s why in the most recent 2021 revision of the OWASP Top 10 Web Application Risks, common vulnerabilities like SQL Injection, Remote Code Execution, and Cross-Site Scripting continue to be part of the list (even if they’ve been lumped into broader categories). It’s the simple vulnerabilities that seem to continue to persist in code writing, and why organizations need to focus both on improving DevSecOps and runtim
Is cryptocurrency a safe ecosystem to deal in?
PM: With the rise in popularity of cryptocurrency, the major breach of 2022 will not be of data, but instead involve the loss of cryptocurrency.
With the rise in the popularity of cryptocurrency, we’ve seen a number of new trading platforms launched, and the associated applications developed and released to support trading of cryptocurrency, payment by cryptocurrency, and savings accounts for cryptocurrency. This rush to cash in on the fad of cryptocurrency almost guarantees that some corners were cut in application development, meaning there are bound to be some vulnerabilities out there waiting to be exploited. We’ll be bold and predict that one of these applications will get exploited, leading to a major loss of cryptocurrency.
How do you see the investments in application security solutions coming through in 2022?
PM: We’ve seen the move to shift left; in the coming year we’ll see a move to shift right, where there will be an increased spend in securing applications running in production.
Many organizations rushed to “shift left” as that phrase gained popularity, moving security testing and secure coding earlier into application development. Even as money poured into these areas, it was obvious that the focus on security for applications running in production seemed to wane in the past couple of years. As attacks continue to increase, we predict that we’ll see an increase in spending on application security for applications running in production, essentially a shift back to the right.
Thank you, Pravin, for chatting with us! We hope to speak with you again very soon.