For Cyber Security, the third industrial revolution has been somewhat of a double-edged sword. Electronic and information technology connectivity has resulted in practical efficiencies which, at the turn of the 21st century, resided in the realm of imagination. However, the ease with which we can (or, if you are a millennial, expect to) access information and services, is causing headaches for those who act as data guardians in organisations and their associated third-parties.
All this within the context of increasing pressures on the speed at which products and services are released, and rapid deprecation of technologies. Thus far, much of the response from the cyber security community has been reactive, and reminiscent of the Red Queen’s comments to Alice in Lewis Carroll’s Through the Looking Glass, "it takes all the running you can do, to keep in the same place. If you want to get somewhere else, you must run at least twice as fast as that!" Can we run twice as fast? With a shortage of professionals within cyber security, we are unlikely to fulfil that requirement, at least in the short term. Another option would be to fundamentally change the process, or Alice and the Red Queen’s chess game.
One of the fastest moving areas in security is application development. Product development cycles are now counted in days, instead of months. And speed must be supplemented by due diligence on code integrity and security. There are simply not enough security professionals with coding experience (and vice versa) to continue to satisfy the timelines and requirements. How do we resolve this? Let’s look back to the first industrial revolution, where machinery removed labour-intensive manual processes and activities, thus freeing capacity and significantly improving the output of more consistent products. The same principles can be applied to application development. Leveraging automation and streamlining of processes will help organisations to scale with existing methodologies.
To prepare for the fourth industrial revolution, where the pace of change is only expected to increase, perhaps we should give Alice a new game plan! Akin to the effects of new machines in the late 18th century, more efficient deployment of toolsets and processes through automation could be just the tonic for security professionals (and product managers!) to help to satisfy our need for omnipresent connectivity and increasing efficiency.
