Forrester: Companies still not using secure practices
September 20, 2012 —
(Page 2 of 2)
Related Search Term(s): software development, security, tools
Wang agreed that software security maturity won't happen without development being involved. Development managers play a critical role here. “They can get developers engaged and can set goals to encourage cross-role collaboration to enhance application security measures,” he said. “Therefore, it is extremely important for dev managers to realize the state of software security risk and how they can help.”
Protecting intellectual property
Wang explained how software development managers could better protect their company’s code (which is also their intellectual property) in light of all the security breaches that happen. “Development managers would do their companies a service by incorporating good security measures in their development practices. This will help reduce expensive downstream work to chase down security vulnerabilities as well as costly incident response actions,” he said.
Of course, protecting company intellectual property requires more than just software security. For example, operational procedures, network security, and good runtime threat detection capabilities all come into play, Wang said. “But software security is a necessary component in your defense arsenal. Without that, it's like having your front door wide open: The best network security on the planet won't protect your intellectual property.”