This is part of our 2022 cyber predictions series. We heard from top leaders in the industry about what cyber could bring in the new year.
Ryan Lloyd, Chief Product Officer, Guardsquare
“I predict mobile application security testing is going to become a true imperative for businesses in 2022. This will force those with mobile apps to shift left and reduce their reliance on after-launch or late-stage penetration testing which slows down CI/CD cycles and exposes apps to risk. Pentesting is expensive, slow, and the findings usually are shared back with the development team outside of the actual dev process. This means the feedback may or may not get implemented, and it often sets security and development teams up in opposition to each other — which, as we all know by now, is not ideal.”
“As security testing becomes more important (and more doable), developers will embrace automated testing, especially anything purpose-built for mobile apps. This enables them to get immediate feedback they can address within their routine development processes. If teams have trouble convincing leadership to invest in mobile application security testing, there are two obvious arguments that go beyond "it'll make devs' lives easier." One, it's faster, so apps can be released and updated quicker and companies can remain competitive. Two, identifying security risks early means they're usually much quicker and cheaper to fix— a win/win for everyone (except the bad guys, of course.)”
“Mobile apps will continue to increase in significance and importance in 2022 and beyond. The pandemic has demonstrated the power of Mobile - persuading even the most reluctant or risk-averse to use mobile apps for ordering food, playing games, shopping, communicating, and more. Pandora's box is now wide open, paving the way for increased adoption of mobile apps for even more important functions such as voting and telehealth. The sophistication of these and other use cases will move the security of mobile applications higher up on the agenda of organizations in response to public disclosures and challenges that will come to light. Mobile app security will also become increasingly more important because of the consequences being more impactful than ever.”