Cybersecurity: Three 2021 App Development Considerations

August 19, 2021 - 6 minutes read

The past year has brought one of the most incredible market shifts we’ve seen in decades. From an unprecedented shift to remote work to new industries such as telehealth and IoT making waves in today’s dynamic work environments, the past year has made businesses fundamentally rethink how they operate. And while businesses around the world – from New York to London – look to traverse the new normal, and individuals assess new product offerings and services, one malicious industry is seeing momentous growth: cybercrime.

As we’ve all recently seen, cyber-attacks are making headline news. The Colonial Pipeline attack, the JBS Foods attack, and the Acer attack are only a few of the dozens of major cyberattacks that have taken place in 2021 alone. With new attacks happening on a seemingly daily basis, it makes a person wonder: why now?

The answer seems to lie in a few fundamental changes that have taken place over recent years. First, organizations have been undergoing a massive digital transformation over the past decade, from adopting new technology applications and services at an unprecedented rate to managing an exponentially growing amount of customer data. Today’s businesses have undergone a digital transformation seemingly overnight. This accelerated adoption of applications and services – although it supports the agility and flexibility needed in today’s business environment – is creating vulnerabilities for cyber attackers to exploit.

In parallel to this evolution in today’s business environment, cybercriminals are adopting new techniques to gain access to environments undetected by modern security detection protocols. Today, research suggests that up to 60% of companies have experienced a data breach in the past three years, a truly astounding number when you stop to think about it. So, this perfect storm of data theft, breach, and exploit really points to one necessary consideration: take steps to be better protected. In this brief write-up, we’ll do just that: provide an overview of three cybersecurity concerns to address in 2021 and considerations around how to stay resilient to these modern threats.

Protect Client Information

First on our list of app development considerations is protecting client information. One of the most valuable targets for cybercriminals today is personal client information such as name, address, social security number, and credit card numbers. These sensitive pieces of information are often stolen and sold on the black market to malicious organizations or individuals who wish to steal and exploit an innocent person’s identity.

In fact, to better understand the inner workings of these black market criminal economies, researchers have identified that stolen accounts such as PayPal and eBay accounts can sell for as much as $300 per account! And to build on that, bank accounts can sell for anywhere between $200 and $500 per account! 

The point of all of this: do everything in your power to keep client information safe. When data leaks happen, both the client and the company suffer. From massive compliance fines to negative PR, companies that sustain data breaches and unintentionally lose or expose client data can expect a sizeable financial loss.

Follow Compliance Regulations

Building on the importance of keeping client data out of the hands of cybercriminals, organizations today are required to meet a growing number of compliance frameworks such as PCI DSS, HIPAA, GDPR, and CCPA. What may have once been a slap on the wrist or a small fine has quickly evolved into a serious financial concern for organizations that fail to meet compliance standards. In fact, as discussed in a previous Dogtown Blog, CCPA and GDPR are known to lay on some heavy fines for organizations that fail to meet compliance.

CCPA Fines 

Under the CCPA framework, the maximum civil penalty is $2,500 for every unintentional violation and $7,500 for every intentional violation of the law.

GDPR Fines

For GDPR, the fine structure differs a bit. Organizations that are found not to comply with GDPR can sustain fines of up to €20 million ($24.1 million) or 4% of annual global turnover (whichever is higher).

Healthy Development Practices

Lastly, design practices are another area that requires serious attention. When organizations fail to follow healthy design practices, vulnerabilities in code can fall through the cracks. Take, for example, a fragmented development team that isn’t writing code in a way that minimizes errors. Poor development practices can turn a great idea into a major vulnerability.

Here, we advocate for a serious emphasis on testing and quality assurance. By prioritizing these roles, organizations can lay the foundation for healthy resilient design. 

Another design consideration is to have multiple developers oversee and assess each other’s work. Often, simply a second pair of eyes can make all the difference in mitigating errors and reducing the testing, patching, and updating lifecycle.
