The dilemma whether to open or not to open code still seems not to vanish. In fact, the dilemma is getting more and more powerful as the time goes by.
Vulnerability on one hand, is taking a toll. Nowadays, a lot of companies worldwide are struggling with debugging software, the cost of which has risen to $312 billion per year globally.
Paying a ransom on the other hand, can cost less than recovering encrypted data.
Is there a solution?
Yes! Securing the code seems to be the definite answer. According to Tech News World, by securing the code, companies not only protect their enterprise data, but also save themselves a lot of time, energy, and money.
“Responsibility for securing enterprise applications has been moving down the development lifecycle, and for good reason. It not only makes the enterprise more secure, but also saves companies time and money.
For example, the average time to fix a vulnerability in IBM's application security solution has dropped from 20 hours to 30 minutes, according to a study Forrester Consulting released last month. Also, finding bugs earlier rather than later in the development process resulted in a 90 percent cost savings, the study indicated.”
Writing code and deciding whether to open it or not is a challenge. But writing a more secure code in the first place seems to sound as ‘not their job’ to many developers. Be it the company’s fault for not emphasizing the security as much, or developers themselves who don’t see it as part of their job, not securing the code can cause serious problems in the long term and increase the risk of vulnerability.
“Developers don't inherently think about security -- they're paid to ship code. We've been saying that developers should write good code for the last 20 years, yet nothing happens," Rami Essaid, CEO of Distil Networks said for TechNewsWorld. “We live in a much more complex software environment than ever before. A lot of open source tools are used. We're using a lot of plug-in software. We're using a lot of stuff that we don't write the code for,” Essaid added.
It is true that securing the code takes a lot of time and energy from developers, but in the end, a more secure code will pay off. The company’s data will be more protected, and there won’t be as much need to spend time, money, and energy trying to fix the code or pay a ransomware.
“If you're finding problems when the software is already working, you're going to have a hard time fixing them, because you've passed most of the lifecycle stages,” Israel Barak, CISO of Cybereason said for TechNewsWorld. “Going back to the drawing board is going to be extremely expensive,” Barak added.
(Image Source: ExpertBeacon )