Nigel Thorpe hails from a software development background and moved to the IT security industry with Entrust Technologies during the early days of PKI. His knowledge has benefited a number of security companies in the UK, Canada, and the USA, and he now serves as Technical Director at SecureAge Technology. With a wide range of experience in different business environments, Nigel is well equipped to support SecureAge's mission of simplified cybersecurity. His mission, which he eagerly accepted, is to introduce our breakthrough technology to organizations across the globe so they can reap the benefits of a data-centric approach to information security. Nigel is helping organizations protect what matters most - the Data. Thorpe shares his 2022 predictions about software development cyber attacks, and why online software development repositories will be a target.
It’s going to be oh so quiet for software development cyber attacks in 2022.
Quiet threats will be a feature of cyber attacks in 2022, according to Nigel Thorpe, technical director at SecureAge. “Rather than go for the one-hit, big attack, cybercriminals are increasingly looking to infiltrate an organization without being noticed for long periods of time,” says Thorpe. “This way, data can be exfiltrated from servers and endpoints at a slow and steady pace so as not to attract attention. And with the increase in the home or hybrid working, it is information on remote computers that is typically less well protected, which is most at risk. By the time these quiet attacks are detected, it’s often too late.”
SecureAge’s Thorpe also believes that online software development repositories will be a target for these quiet attacks, while software vendors, will be increasingly targeted by sophisticated ransomware attacks. These quiet attacks enable the cybercriminal to alter code in the development process, so providing opportunities for very widespread and long-term attacks. These targets are appealing because they have the highest potential returns, with attacks potentially affecting huge numbers of end customers.
“This just goes to show that all data is sensitive and should be protected all of the time,” says Thorpe. “The traditional way is to try to stop cybercriminals getting to the data with increasing layers of defense and access controls. It’s time to change these habits and start to protect the data itself, whether at rest, in transit, or in use.”
Technologies such as full disk encryption are great if a software developer loses their laptop, for example, but are useless to protect data on a running development system. But with advances in technology and fast processing speeds, seamless data encryption can now be used to protect all data, structured and unstructured. This way stolen information remains protected and useless to cybercriminals.
"We need to start beating the ransomware criminals at their own games. After all, they can’t demand a ransom for data that is already encrypted before they get to it," says Thorpe.
Address:
1855 S Ingram Mill Rd
STE# 201
Springfield, Mo 65804
Phone: 1-844-277-3386
Fax:417-429-2935
E-Mail: contact@appdevelopermagazine.com