Beware of mistakes that can compromise IT security: Gartner
It cautions against treating security of products, applications as an afterthought
'%3e%3cpath%20d='M20.7725%2026.9924C20.9555%2026.9924%2021.1297%2026.953%2021.2951%2026.8741C21.4604%2026.7953%2021.6346%2026.6694%2021.8177%2026.4965L27.8373%2020.8125C27.9848%2020.6752%2028.0865%2020.5353%2028.1425%2020.3929C28.1985%2020.2505%2028.2264%2020.1183%2028.2264%2019.9962C28.2264%2019.869%2028.1985%2019.7343%2028.1425%2019.5918C28.0865%2019.4494%2027.9848%2019.3095%2027.8373%2019.1722L21.8177%2013.5417C21.6142%2013.3484%2021.4375%2013.2098%2021.2875%2013.1259C21.1374%2013.042%2020.9708%2013%2020.7877%2013C20.5181%2013%2020.2981%2013.0916%2020.1278%2013.2747C19.9574%2013.4578%2019.8722%2013.6765%2019.8722%2013.9308V16.8147H19.6509C18.2827%2016.8147%2017.1014%2017.0258%2016.107%2017.448C15.1127%2017.8701%2014.2963%2018.4805%2013.658%2019.279C13.0197%2020.0776%2012.5466%2021.0402%2012.2389%2022.1668C11.9312%2023.2934%2011.7773%2024.5612%2011.7773%2025.9701C11.7773%2026.3006%2011.8575%2026.5537%2012.0177%2026.7291C12.1779%2026.9047%2012.3597%2026.9924%2012.5632%2026.9924C12.7259%2026.9924%2012.89%2026.9593%2013.0553%2026.8932C13.2206%2026.8271%2013.3693%2026.6719%2013.5016%2026.4278C13.9441%2025.5936%2014.4553%2024.9413%2015.0351%2024.4708C15.6149%2024.0004%2016.2838%2023.6685%2017.0417%2023.4752C17.7995%2023.2819%2018.6693%2023.1853%2019.6509%2023.1853H19.8722V26.0998C19.8722%2026.3591%2019.9574%2026.5728%2020.1278%2026.7406C20.2981%2026.9085%2020.513%2026.9924%2020.7725%2026.9924Z'%20fill='black'%20fill-opacity='0.85'/%3e%3c/g%3e%3crect%20x='0.5'%20y='0.5'%20width='39'%20height='39'%20rx='19.5'%20stroke='%23F2F2F2'/%3e%3cdefs%3e%3cclipPath%20id='clip0_715_28555'%3e%3crect%20width='16.4491'%20height='14'%20fill='white'%20transform='translate(11.7773%2013)'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
A SIGNIFICANT number of IT products and applications do not have adequate security, and this includes high-assurance systems such as payment systems and electronic voting machines, warned Ray Wagner, Gartner's managing VP for Secure Business Enablement. One reason for this is that security is treated as an afterthought, he said.
Mr Wagner noted that many software providers and project managers do not factor security into an application or device from the earliest stages. "It's difficult enough to close off possible attack paths during the design phase, and it is nearly impossible after deployment - particularly since the product will typically be maintained and updated by personnel who did not participate in the product development and may not fully understand its underlying architecture and design principles," he explained.
Problems also arise when trained security practitioners are not involved in the design and implementation.
'/%3e%3cpath%20d='M35.1847%2014.0422L9.37867%2024.1703C8.88772%2024.363%208.86989%2025.051%209.35015%2025.2688L15.0551%2027.8567C15.2097%2027.9269%2015.327%2028.0594%2015.3778%2028.2212L17.8255%2036.0078C17.9491%2036.4009%2018.4247%2036.5534%2018.7539%2036.3054L23.0143%2033.0968C23.2178%2032.9435%2023.4961%2032.9364%2023.7072%2033.0787L30.8526%2037.8975C31.2091%2038.1378%2031.6951%2037.9339%2031.7732%2037.5114L35.9896%2014.7059C36.0747%2014.2456%2035.6206%2013.8712%2035.1847%2014.0422Z'%20fill='%23FDFEFF'/%3e%3cpath%20d='M15.3125%2027.9998L30.4162%2018.627L19.3691%2029.3628L19.548%2033.3966L18.9531%2036.1248C18.3783%2036.7236%2017.9297%2036.2772%2017.8477%2036.0662L15.3681%2028.178L15.2734%2028.0233L15.3125%2027.9998Z'%20fill='%23C8DAEA'/%3e%3cpath%20d='M18.3594%2036.4259L19.3511%2029.3447L23.519%2032.9856C23.303%2032.9612%2023.1588%2032.9863%2023.0268%2033.0859L19.0712%2036.0718C18.6289%2036.4572%2018.4297%2036.4455%2018.3594%2036.4259Z'%20fill='%23A9C9DD'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear'%20x1='33'%20y1='7.5'%20x2='19'%20y2='36.5'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%231E96C8'/%3e%3cstop%20offset='1'%20stop-color='%2337AEE2'%20stop-opacity='0'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e)
BT is now on Telegram!
For daily updates on weekdays and specially selected content for the weekend. Subscribe to t.me/BizTimes
Technology
Meta’s results are best viewed through rose-tinted AI glasses
'Harvesting data': Latin American AI startups transform farming
After long peace, Big Tech faces US antitrust reckoning
Tech’s cash crunch sees creditors turn ‘violent’ with one another
Tech millionaires chase billionaire tax shields with ‘swap fund’
Elon Musk’s Starlink profits are more elusive than investors think
