Data breaches are nothing new, but they have pretty consistently increased year-over-year. Despite the massive amounts of money companies invest into security to prevent breaches, they still commonly occur.
According to a report from the Identity Theft Resource Center (ITRC), 2021 saw an all-time high of data breaches, 23% more than the previous all-time high.
While the number of data breaches has gone up, the report also showed a 5% decrease in the number of users affected by breaches. The ITRC speculates this is an indication that bad actors are focusing more on specific data types instead of mass data acquisition.
According to John Brawner, director of support at the application security company PreEmptive, your company isn’t just vulnerable to attack on its existing products and services. They can also be vulnerable to attack in the development phase, where applications can be exposed to the possibility of piracy, tampering, and IP breaches. In fact, the average application will receive over 13,000 attacks per month during deployment, according to Contrast Security’s 2020 Application Security Observability report.
Related Webinar: Protecting your Spring Boot applications from recent critical vulnerabilities
Certain industries, such as software and financial services, are also more at risk from added negative side effects of breaches. In addition to the IP and data that attackers could access, companies can be found in violation of regulatory requirements specific to their industry that result in hefty fines.
According to Brawner, one of the best ways to protect applications is by applying obfuscation. This is a practice in which code in an executable file is modified in a way such that a hacker would no longer be able to use it in any meaningful way, but the code itself remains functional.
Obfuscation modifies method instructions or metadata, and makes reverse engineering any program difficult enough that it would no longer be cost-effective.
“Application shielding and hardening gives organizations a layer of protection against potential data breaches and intellectual property theft,” said Brawner.
To reduce the risk of attacks on the development process wreaking havoc, companies need to invest into things like security scanning during development and layering security onto an application before it is deployed, Brawner explained.
“With PreEmptive’s layered approach, using obfuscation, encryption, shielding and tamper proofing, applications can be developed to be difficult for hackers to read or access. Hackers rely on the ability to probe, discover and exploit vulnerabilities. By adding application obfuscation within your development process, hackers can’t identify the way the application operates or access your IP,” said Brawner.