Learning From Equifax: Two Good Reads From Our Friends at CAST!

In the wake of the Equifax breach, software security is more important than ever. But as software applications continue to grow more complex and hackers’ methods grow more sophisticated, how can we safeguard our systems and prevent these kinds of breaches in the future? For more on that, check out what our friends at CAST Software have to say!


The Equifax breach has affected an estimated 143 million people. If cybersecurity wasn’t on their minds before, it most certainly is now. A recent poll corroborates this, indicating that nearly 8 in 10 people believe that companies that don’t protect customer data deserve more severe legal penalties.

As customer frustration, PR fallout, and class-action lawsuits begin to mount, it’s time for everyone in IT to take a hard look at their own software systems and what kinds of vulnerabilities they might have.

If you’re looking to know where your applications stand, the following two articles from our friends at CAST Software are a great place to start.

“The dangers with open source, however, are at least the same as for custom software. If it’s not checked against industry standards for quality and security before it’s put into production as part of a bigger system, there can be trouble. This is where Equifax failed…”

“Since the focus of the hack was around open source components, it raises the critical issue of security across the software supply chain. Most large industrial apps are now built with a substantial amount of open source software, like Struts. In some cases, third party software incorporated in an app may contain components of unidentified origin. All externally acquired software must be tested and vetted with the same rigor you would hope is being applied to internally developed software, but often this is not the case…”

What did you think of the Equifax breach?  Is it making you reassess your own priorities on identifying—and closing—vulnerabilities within your own software?  We’d love to hear your thoughts!

Cheers,

Mike Hodge
Lighthouse Technologies, Inc.
Software Testing | Quality Assurance Consulting | Oracle EBS Consulting
