Express Computer
Home  »  Guest Blogs  »  Prioritising risks to make technology fail-safe

Prioritising risks to make technology fail-safe

0 131

By Kavita Viswanath, General Manager, JFrog India

India has defied the global economic recession; the country’s GDP in 2022, at roughly seven percent, reflects the resilience of our fast-growing economy. With approximately 35,000 tech firms and 27,000 tech start-ups, employing around 5.4M people, the Indian technology industry is playing a pivotal role in powering the Indian economy.

Technology adoption is also skyrocketing. At the beginning of 2023, India recorded around 692 million internet users, with around 1.10 billion cellular mobile connections active during that period. By 2027, the number of e-commerce users is expected to reach ~1000 million. One of the key digital technologies – cloud computing – is expected to account for eight percent of India’s GDP by 2026. Indian citizens saw how technology turned key enabler during the pandemic with innovations such as Aarogya Setu – a ‘COVID-19 contact tracing, syndromic mapping and self-assessment’ digital app. Other government apps that are making our lives so much easier include mAadhaar App and mPassport Seva App, among others.

The Challenges of Tech Adoption

However, there is a flip side to this rapid technology adoption – organisations are increasingly finding it difficult to ensure comprehensive security for software solutions delivered and deployed. Indeed, today’s software developers are tasked with a lot more than just coding. To keep up with the fast-paced software-driven economy, they need to focus on automation, collaboration, security, distribution, data analysis, and agility to ensure quality builds and get releases to customers quickly and securely.

A critical threat is an overwhelming risk posed by inherited software supply chain exposures. A supply chain attack, also referred to as a value-chain or third-party attack, happens when the organisation’s system is infiltrated by an outside partner or provider who has access to its systems and data. With digitalisation of workflows, more and more suppliers and service providers are touching sensitive data, drastically increasing, and changing the attack surface of an enterprise. As per Verizon’s  2022 Data Breach Investigations Report, supply chain attacks have been responsible for 62% of system intrusion incidents, with many organisations unprepared to deal with them. Another global study, conducted by Venafi found that of 1,000 CIOs interviewed, 82% believed their organisations to be susceptible to software supply chain attacks.

As a result, organisations struggle every day to provide software with optimal security and protection against malicious activities, takeovers, data theft, and commercial sabotage. With more opportunities than ever for cybercriminals to exploit product software security vulnerabilities, manufacturers, vendors, device deployers, and end users face the distressing consequences of a lack of security hygiene in software. To defend against sophisticated cyberattacks, it is essential to secure software across the lifecycle.

Identification and Prioritisation of Risks is Key 

Earlier this year, JFrog launched the 2023 Security Research Report, an in-depth analysis of the top 10 most prevalent vulnerabilities of 2022-23, their severity level, and best practices for reducing the potential impact of each.

The #1 Critical Vulnerabilities Exposure (CVE) identified was the growing dependency on open-source code, and how organisations need to track the exponential increase in open-source components. A recommendation was for organisations to adopt a Software Analysis Composition (SCA) solution that allows secure risk management of open-source use through the software supply chain. This will enable:

a) An accurate Software Bill of Materials (SBOM) to help security professionals and developers better understand the components used in applications and gain insight into potential security and licensing issues.
b) Identification and tracking of all open source to factor in extensive software supply chains including partners, third-party suppliers, and other open-source projects.
c) Setting and enforcing policies to respond to license compliance and security events across the company.

An effective SCA tool such as JFrog’s X-Ray and within the Advanced Security solution allows organisations to have quicker, safer time-to-market, faster & relevant innovation, and eliminate unknown business risks. It helps to address common enterprise challenges such as Infrastructure as Code (IaC) security, keeping cloud deployment safe and secure, secrets detection for exposed keys and credentials, or services’ misconfiguration. It safeguards software delivery from source to edge in a unified software supply chain platform, ensuring that the software is designed from the get-go with the latest innovations in security.

Such a tool provides DevOps and Security professionals with a centralised system of records to ensure visibility across the business, allowing developers to get back to doing what they do best – writing great code that delivers innovative solutions to the end customer.

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image