“Applications Can Open the Door into the Whole Ecosystem, the Whole Organization”
Silo Busting 14: Sam Rehman and Eugene Dzihanau on AppSec
Apps don’t just bring us our favorite music and allow us to engage in mobile banking; they present great opportunities for cybercrime. More than 80% of cyberattacks enter through the application layer. That’s why this #CybersecurityByDesign episode of Silo Busting is focused on application security, or AppSec, as the experts call it. One of them, Eugene Dzihanau, EPAM’s Head of Defensive Security Services, joins Sam Rehman, our Chief Information Security Officer and SVP, and Producer Ken Gordon to think out loud about what AppSec means right now.

Dzihanau says that, in our cloud-driven present, “Applications became much more than applications” and that in this world “everything starts to become an application.” Rehman agrees and says that it’s a dangerous time because cybercriminals are looking vigorously for vulnerabilities. “Whenever there is change, there is chance for an exploit,” remarks Rehman.

How to make applications more secure? Start at the start. Dzihanau says: “Thinking about security from an architecture perspective from the beginning will save you a lot of headaches.” Of course, it’s not simple to make this happen, and Dzihanau counsels us to approach this carefully and intentionally: “Don’t set the bar too high. Address the change in behavior of your developers and architects and make sure that the security steps are done throughout your SDLC, from the beginning to the end, from design to deployment.”
Host: Alison Kotin
Engineer: Kyp Pilalas
Producer: Ken Gordon