Why do we need security awareness? Apps/tools/services are under constant scrutiny, and researchers are continuously looking to solve the multitude of problems accidentally created by developers.It’s hard to admit, but researcher evolution, motivation and attitudes are currently more up-to-date than many organizations’ ability to fight back against them. It is therefore time to wake up; it’s time to raise the awareness and fight back.There are real-life examples about this matter. Breaches at Target, Home Depot and Anthem – to name a few – have made the wider public aware of security, and there surely will be many more incidents like them to come.Sure, many might read these stories and feel like a security breach is a distant threat. But what if the breach happens to you? Would you be prepared to explain why the breach happened and what it involved?Knowledge increases pain, doesn’t it? Developers cut corners with their trendy “agile” processes and/or as a result of pressure from customers. Worse still, many of them don’t really know or understand the basics of information security and data privacy. This is unacceptable.There are areas of information security of which developers should be aware in their daily work in order to avoid becoming the weakest link in the security chain. By paying the proper amount of attention to these areas, we can work together to prevent the exfiltration of stolen data even in the event of an IT system intrusion.Join my BSides Las Vegas presentation on Tuesday, August 4, 2015, 5 PM, where my goal is to help you become awesome @ InfoSec.My presentation will show you how to raise awareness of crucial areas in information security, from business cases to security incident management and everything important in between. These can be assessed through evaluating your existing evidence and fixing the identified gaps internally to gain better defense mechanisms against attackers.
About the Author: Petri Koivisto (@petriokoivisto) is InfoSec awareness enabler, social engineering enabled, fight back researcher, husband, daddy-o, Rottweiler owner, heli-skiier, inked and a different kind of leader. If he is not sailing the InfoSec seas at “work” he puts all his effort to hangout with his awesome family.Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.Title image courtesy of ShutterStock