Help AG CTO on the security challenges when embracing new technologies
Nicolai Solling, CTO at Help AG, on what the security challenges are when embracing new technologies.
New technologies are a beautiful thing but of course come with a security price. Arguably, in the last 20 years, there is probably no area that has had a greater impact on our professional and personal lives than IT- the Internet and the devices that we use to consume new technology.
Moving forward, this will by no means change. Rather, I believe our dependency will only increase. Today, Digital Transformation is not just a business enabler, but also a key competitive parameter for almost any organisation. Look at the local super market, which is increasingly getting its delivery orders through smart applications, or the way we book a table at a restaurant, or even a service for our car or a taxi to take us from point A to point B.
As Digital Transformation is imperative to business existence and relevance in the future, being able to secure the processes is also extremely important. And it is exactly here that lie the security challenges of embracing new technologies. We always focus on functionality features and think that security is a given, while this is not the case. The amount of zero-day vulnerabilities Help AG’s pen-testers find is a good reflection of the fact that technology is not flawless. How one deals with this is what sets organisations apart, and ultimately this will decide how securely they can enable new technologies. The fact is that every time you change your use of technology, you have to put on your thinking hat as to how this can be abused and then define your mitigating strategy.
Just think of how we use e-mail today – we access it from private devices such as smartphones and tablets and we are all aware of how much sensitive information is available in e-mail. So, the risk would be around data leakage on those devices. Your mitigating factors should be able to secure the content on the device, such as through containerising the application and being able to delete the data in case the device is lost, or the user leaves. Of course, this is just one short example. Any organisation should think about how technology can be used and abused and then they are welcome to contact us to discuss how it can be secured.