The sudden public health incident of COVID-19 can be likened to the daily issues faced by businesses today. It is just like a software security incident caused by vulnerabilities and taken advantage of by computer viruses. What are the lessons that a CTO can learn from this?
Legislation in China regarding cyber security is growing. The recent cryptography law enacted on January 1st 2020 puts even more pressure on organisations to create secure applications by ensuring data transferred or stored is encrypted thus making it harder to be exploited by hackers. Static Code Analysis provides a means for developers to identify weak encryption or encryption not being used where it should be.
The financial services industry is falling behind in cyber security - so where should their focus be?
Application security controls and secure coding standards along with weak encryption standards appear to be absent within financial services apps. This makes them wide open to vulnerabilities like data leakage, reverse engineering attacks, and decryption of sensitive data. What needs to be done and what should they focus on?