Blog post

Software development and cyber security

Today we are running some kind of software in almost every second of our lives. Software runs our devices in our homes, workplaces, and everything between. There is something about software we all should know.

Jul 1, 2023

Today we are running some kind of software in almost every second of our lives. Software runs our devices in our homes, workplaces, and everything between.

The biggest statements of this situation can be the self-driving car which are basically the software implementation of a vehicle.

The issue for cyber security experts is not this, we leave it to the human scientists to deal with if it is right or wrong for humans in the long term.

The issue for us is the way how the software is developed.

The initial problems come from the market pressures on software developers in the first place. Even the biggest software companies have the same mantra as the smallest ones. “More features and faster time to market.” Which is on one side, we must admit, is very good, as software development gives work to many people. As a work or job it can be very comfortable. some people say that you can be very lazy after a while.

The secondary issue comes from the handling of security (and sometimes quality) in the development methodologies or cycle. In most cases these are coming after the closing of a development cycle, sometimes at the closing of the whole development, and sometimes are completely missing. And the problem just grows if this software is used in a mission critical infrastructure element like a hospital or a power station.

There are good news or solutions for this situation. Software developers can (and should) establish the same procedures, standards, processes as every company does who takes cyber security seriously.

There are other methods specifically for software developers. Namely secure by design and secure development. Secure by design means that the original plan or design of the software calculate the potential issues. Secure development covers the actual working methods, tools and environment the software developer uses working.

And lastly, they can start the security checks much earlier in the development process. It is sometimes called shift left. It means that there are regular security checks implemented in the software development and not just at the end.

We think the software developer who uses and implement these methods and tools will win at the end. They will produce a much better quality and more reliable product. This way they will win and retain more customers because they can be trusted. And from here, we can easily translate these into financial advantages.

All in all, cyber security can help to change software quality, income and profit.

About the Author

Jozsef worked as a CISO in a central hospital and in a school district. He is the founder and owner of Torotoro Ltd. He holds the following certifications: Security+ - CompTIA - 2023 Security Consultant - Ministry of Justice NZ - 2023 Certified Cyber Security Professional – Google – 2023 NZPA – NZ Privacy Commissioner – 2022 OPSWAT Certified Cyber Security Associate – OPSWAT – 2022 OSINT training – European Security Academy – 2021 Fortinet NSE – Fortinet - 2020 Virtual Agile Teams – IIL/PMI – 2020 ISO 27001 Lead Auditor – TÜV Rheinland InterCert Germany – 2019 NZQE recognized Level 7 General Informatics Diploma - 1996

Related Posts

Why kiwis are suffering in cyber?
Why kiwis are suffering in cyber?

Many experts say that Kiwis are suffering in cyber.
Especially in the SME sector, which means family and private businesses.
Let us enumerate a few reasons for this.