Girl programmer in the modern developer workplace showing application security

The Importance of Keeping Applications Safe and Secure To Meet Rising Consumer Expectations

As the Cybersecurity Awareness Month rightly highlights, there is a pressing need for us to stay safe as we stay online. COVID-19 has triggered a widespread transition into the digital sphere for everyone. And with it, comes both security risks and opportunities. For businesses, cybersecurity has never been more important as the economy goes digital. And worryingly, not everyone is prepared.

According to recent industry data, after the North America region, companies in Asia Pacific have seen the highest increase in cyber risk.  But this challenge isn’t unique to our region. 86% of the study’s respondents across the Americas, Europe, and APAC expect to suffer from a successful cyberattack in the next 12 months. Evidently, security must be made a priority on the business agenda. With consumers becoming more reliant on applications and digital services, cognizance about how their personal data is being stored and protected has also risen.

In a recent AppDynamics report, The App Attention Index 2021: Who takes the rap for the app?, we found that the number of applications people are using regularly has increased by a staggering 30% since the start  of 2020. And of course, a large proportion can be attributed to new users adopting apps for the first-time during lockdown to buy groceries, stay connected to friends and family, access essential services and even for contact tracing.

Sadly, but perhaps unsurprisingly, this massive switch to digital, and the sudden introduction of millions of vulnerable people into cyberspace, have presented a massive opportunity for cybercriminals to exploit. As Jürgen Stock, Secretary General of INTERPOL, reported in  August last year: “Cybercriminals are developing and boosting their attacks at an alarming pace, exploiting the fear and uncertainty caused by the unstable social and economic situation created by COVID-19.” The scale and sophistication of these threats have only increased since.

Consumers want it all: the “total application experience”

With people suddenly realizing the convenience of apps, their eyes have been opened to the incredible digital experiences that many brands are now delivering. Consequently, expectations have soared sky-high and tolerance for anything less than an optimal experience have hit rock bottom. In countries like Singapore, 70% of consumers say they expect only the best and will not tolerate poor performance.

Our research discovers that consumers now demand the ‘total application experience’, a high-performing, reliable, digital service which is not just simple and helpful, but also secure and fun to use. And that’s not all. In addition to the aforementioned requirements, consumers also expect personalization of services to meet unique needs and add value to their lives. What stands out is the importance that people now place on security. In fact, when asked to rank the elements that make a   digital experience optimal, security was the most important factor, with 62% of people citing it as critical.

One might have thought that with consumers so overwhelmingly reliant on digital services for almost everything throughout this pandemic, any concerns around data and privacy would have taken a backseat, but that couldn’t be further from the truth. Even as people demand the most innovative, intuitive, and personalized digital experiences each time they use an application, their security must not be compromised – 90% of consumers expect their data to be held safely and securely.

An application-first approach to meet the new security challenge

For IT and security teams, the dramatic increase in demand for applications and digital services, coupled with these heightened expectations for flawless application performance, creates a huge challenge. Across all sectors, we’ve seen rapid adoption of cloud computing technologies over the last 18 months, to meet consumer appetite and respond to changing customer and business needs. But this has resulted in organizations struggling to manage and protect soaring volumes of customer data across an increasingly sprawling IT estate.

Technologists that were previously responsible for a relatively consistent and fixed IT infrastructure now find themselves facing a fluid, constantly evolving IT estate, with customer data stored across distributed locations, often under different jurisdictions. In addition to the complexity of running modern applications across on-prem, multi-cloud and cloud native microservices, they find themselves battling an unprecedented rise in malicious security threats.

The only way forward is to embrace a new approach, one where security is a major consideration and driving force at the beginning of the development cycle, rather than an add-on at the end. We need to move away from the long-held belief that proper application security posture inhibits speed and innovation. This means discarding perimeter-based solutions that rely on traffic routing through them and assumptions on what the application might do with the payload. With the volume of digital transactions only set to increase and consumer reliance on apps steadily growing in Asia Pacific, it’s  simply not feasible to continue with an approach that takes  application and security teams an average of 280 days to detect and contain a data breach.

Instead, technologists need to start relooking at how they can protect the application from the inside-out. An application-first approach enables IT and security teams to identify vulnerabilities and threats within the application in production, and to protect the application against attacks in real time. This will allow them to correlate security and business data to prioritize remediation based on potential business insight.

An application-first approach enables IT and #security teams to identify vulnerabilities and threats within the application in production, and to protect the application against attacks in real time. #respectdataClick to Tweet

In order to implement this new, proactive approach to security, app and security teams need to have the right tools at their disposal. They need to ensure that wherever an application runs, they’re able to organically add security capabilities from within the runtime. In doing so, they can protect the application environment and continue to deliver the ‘total application experience’ that customers have come to expect.

 

Executive CTO at AppDynamics