Software vendors often have a difficult time getting their software into enterprise environments, because of various security measures, said Dan Gillett, principal security analyst at security firm FireEye.
“This can be an issue for vendors, because they need to know if their products have a vulnerability that can be exploited.”
Gilletts firm has worked on the security of software since 2007.
“If they’re not careful, software vendors could find themselves locked out of certain business segments,” he said.
This has led to the “toll-your-security-system” industry, where many companies have adopted the security model of the “security first” vendors like Cisco, Oracle and Intel.
While Gillets firm is well-known for the security and auditing of software, he said he’s also seen companies fall prey to security breaches, particularly in the software development community.
“It’s an ongoing problem for software vendors. “
They’re paying too much attention to security, and they’re ignoring the consequences.” “
It’s an ongoing problem for software vendors.
They’re paying too much attention to security, and they’re ignoring the consequences.”
This can lead to data loss and compromised business models, said Gilletti.
The software that you download for your computer and the software that it runs on are the same thing, Gilletta said.
If a company is able to find a way to steal your data, the implications for business can be catastrophic.
“In a situation where data is stolen, it could result in loss of revenue, and that can have significant impact on business operations,” Gilleti said.
While it’s impossible to determine the full extent of the data theft, Gilttts analysis indicates that companies that use software that doesn’t meet the latest security standards are at a greater risk of losing money in the event of a security breach.
This could also have serious repercussions on companies’ ability to attract new employees.
“A lot of companies have become dependent on the software they use in their organization, so when a security flaw occurs, the cost of fixing that issue can be significant,” he explained, “and that’s really the problem.”
Gilttt said that some of the issues he’s seen in recent years are related to the growth of the Internet of Things (IoT) and other emerging technologies.
“I think there’s been a huge shift in the way that we think about security in our society, and the rise of these things is causing a lot of people to think differently,” he noted.
For example, he believes that companies like Facebook and Amazon are using security flaws to gain access to their users’ information, and there are a number of companies that have been targeted by cyber criminals in recent months.
The number of attacks on companies that are being attacked by hackers has risen significantly in the last few years, Gillett said.
He said that companies often look to exploit vulnerabilities in their own software to gain unauthorized access to data.
“These are the types of vulnerabilities that we see on a daily basis in all sorts of companies,” he continued.
“They’re really easy to exploit, because the vulnerabilities are already there.”
The threat to the Internet and businesses has been so prevalent in recent weeks that Microsoft has launched a security advisory that outlines how to protect yourself and others from data theft.
The company recommends that you use a password manager to safeguard your data.
The Microsoft software security bulletin also notes that companies should take a security posture, but says that companies also should review their policies and practices.
“To the extent that you have a policy or a business model that is overly reliant on your data being in your hands, you may not have the confidence to take those steps,” the bulletin says.
While the advisory may not seem as dire as a breach, it does underscore the need for more proactive measures.
“Companies that have become reliant on software as the basis for their operations should not rely on the vulnerability that could be exploited to compromise your data,” Gilti said.
“Your data should be protected and secured, but if you are not doing this, you will be losing a significant amount of business.”
Acknowledging that the threat of data theft is increasing, Microsoft has started rolling out a series of security updates to its Windows 10 and Windows Server 2016 operating systems.
These updates include updates to the Security Center that are designed to improve security for the system, as well as a new feature in the Microsoft Office 365 Suite that allows employees to review their personal data and use it elsewhere.
Microsoft has also launched a new security training and education initiative, which is available through Microsoft’s website.