Security testing balances speed, safety in business

Continuous integration of security measures with business agility highlighted as essential.

In an evolving business landscape where agility and security often seem at odds, experts like Sunil Joshi, Head of Digital & Communications Services APJC at Orange Business, are underscoring the critical need to balance the two effectively.

This balance is not just a one-time setup but a continuous, evolving strategy crucial for maintaining competitiveness and ensuring customer trust.

"Businesses need to be more agile, because they want to serve their customers in a very quick time to market and obviously gain market share. At the same time, being secure," Joshi explained.

According to Joshi, the answer lies in the integration of continuous security testing throughout the application lifecycle. "Having a secure environment for the applications that we're exposing to our customers is a very critical component. It's about finding the right balance of making sure you're secure, as well as agile for serving your customers' demands," he stated.

The APJC region, in particular, is seeing an evolution in its security testing needs. Traditional methods that once dominated are making way for more dynamic and continuous practices such as penetration testing as a service. This service allows businesses to continuously expose and address vulnerabilities within their attack surfaces.

"I would like an external testing capability to come in the shape of what 'broked but fraud' offers as well as other entities, which then gives a pen test as a service, which constantly has the pen test occurring so that they can expose vulnerabilities within your attack surface," Joshi elaborated.

The integration of security testing with business operations is increasingly recognized as essential, not optional. As businesses expand into hybrid work environments and cloud services, the complexity of their attack surfaces increases. 

Balancing security with swift operations is more than a technical challenge; it's a strategic imperative. The traditional view that robust security slows down business operations is being challenged by the need to address rapid market changes and customer demands. 

"Balancing security without security tends to be restrictive, because you want to make sure everything is right. But being quick to market also makes sure that you are addressing your customer demands," Joshi remarked.