Security is the New Player
by Christopher McGrath, Program Director
Faster, higher, stronger! This is the Olympic motto, but it could just as easily be the motto for the Technology industry as well. Speed, above all else, seems to be the one that is emphasized. Be the fastest to market, have faster development cycles, fail and iterate faster and then, quickly make it good enough to get it to market. Phew...The technology industry marries ingenuity with speed. There is a premium to give people the autonomy to flex their creative muscles. With a focus on speed and ingenuity there is another player that is moving its way to the forefront. This player has always been there. It’s important. The role it plays however is shifting. This player is security.
Security is not a new player, we’ve always said security is important. People value their privacy, we want secure data and password protected websites. Two factor authentication is becoming the norm. While security has always been on our minds, there is a shift occurring where security is moving from an afterthought to an essential piece of the software’s design.
Security is not just technical components built into the software. Security includes people and culture. As security standards become more stringent and far reaching, for example GDPR security will need to become an integrated aspect of a company’s business model. Notice I said an integrated aspect of the company’s business and not development process. Information security is broad reaching and impacts every aspect of the business.
So what should we consider? Allow me to offer you a few things:
(1) information security is about people, culture, and technology. Integrate security into all aspects of your business.
(2) Information security is not a check box, it’s not a onetime thing. Compliance to information security standards is an ongoing effort. At Lucd, we just received our report certifying we are compliant with SOC-2 standards. This means that our work has just begun. It’s an ongoing effort to maintain compliance with this and other standards like NIST 800-53, GDPR, and HIPAA.
(3) Make security a significant component of your software’s design. At Lucd, we’ve built our platform on top of SIMP, an open source automated security framework developed by NSA. SIMP is an integral part of our platform’s design and helps us maintain compliance with NIST 800-53, HIPAA, and other security standards.
As we develop new software to go 'faster, higher, stronger' make sure your integration has security on the MVP list.
If your at Gartner Symposium/ITXPO October 14-18 and want to understand how AI can be implemented with security in mind stop by our booth in the Pacific Hall #847!