Active Defense & Deception , Application Security , DevSecOps
Why Application Security Is Your Best Cyber DefenseIan Ashworth of Synopsys Details Top AppSec and DevOps Strategies
With attackers increasingly targeting weaknesses in applications to hack organizations and steal data, organizations must prioritize application security more than ever, says Ian Ashworth, a technical security consultant for Synopsys.
"The message is loud and clear: Businesses can't afford to sit on their hands believing it's not going to happen to them," says Ashworth, recapping a recent executive roundtable on application security that his firm sponsored in Amsterdam. "Press coverage brings that into focus every day."
Ashworth says developers increasingly understand the importance of application security. "The agile and the DevOps culture have helped to bring a level of accountability to the engineering teams that are responsible for not just the reliability of the solutions, but handling those outages, unfortunately, and that certainly focuses their mind," he says in an interview with Information Security Media Group.
More than ever, he says, "it's the middle tier of management who recognize the importance of this," although they can face challenges managing up to executives as well as coordinating development teams.
In this interview (see audio link below photo), Ashworth also discusses:
- Top takeaways and observations from the Amsterdam application security discussion;
- Why the topic of application security resonates;
- The importance of prioritizing application security in the name of cybersecurity defense.
Ashworth is a technical security consultant at Synopsys. Formally trained in civil and structural engineering, he instead pursued his teenage desire to "write code" and followed a typical software developer pathway, using his engineering knowledge to solving highly mathematical problems within the construction industry. After pioneering work in the realm of geographic information systems - a.k.a. "Google Maps" territory - he grappled with "big data" problems for marketeers before stepping into the U.K. payments industry, consulting with numerous service providers and retailers, building and operating high-availability electronic POS solutions. Subsequently, he cut his teeth in the world of application security and joined Silicon Valley startup Coverity, which was acquired by Synopsys in 2014. He has focused on helping quality-driven software development to embrace modern-day challenges, including preventing data breaches or getting hacked.