In a recent episode of KBKast, Host Karissa Breen engaged in an interview with Rad Kanapathipillai, who works in the field of data protection. The episode delved deep into the critical importance of safeguarding sensitive data across all stages of development, shedding light on the challenges organisations face and the strategies needed to prioritise data protection effectively.
Mr Kanapathipillai commented,
“Enabling and empowering developer communities to code securely and collaborate with security teams is crucial.”
Kanapathipillai’s emphasised on the need to embed security from the outset resonated throughout the conversation. He stressed the significance of encryption, compliance measures, and the protection of vital components such as code and passwords to mitigate the risks of data breaches. The pressure to expedite product launches often leads to security taking a backseat, underscoring the urgency for a redefined strategy that elevates data protection to the apex of organisational priorities.
The conversation weaves through the evolution of security awareness in agile environments, with Kanapathipillai highlighting the upsurge in DevSecOps adoption and the heightened focus on empowering developers to code securely. Deploying automation and AI is underlined as a means to address issues with standardised frameworks, infrastructure availability, and security bottlenecks, signalling a futuristic outlook in data protection endeavours.
A Change in Data Management
Rad foresees a paradigm shift in data protection, propelled by heightened awareness programs and stringent government compliance enforcement in the coming year. Additionally, the low utilisation of data masking across industries, despite being mandated, and the lax approach to securing non-production environments, elucidate the existing gaps that necessitate immediate attention.
He went on to say,
“While progress is being made in protecting data, there is still a lot of work to be done.”
The interview serves as a wake-up call, emphasising the imperative need to bolster non-production environment security, a facet that has historically been under appreciated. It steers attention towards the burgeoning cognisance of safeguarding customer information in alignment with regulatory standards and the challenges faced by retailers and organisations in handling personally identifiable information (PII) data.
Closing remarks from Mr Kanapathipillai reiterate the pivotal role of securing developer environments and essential aspects such as protecting sensitive information in the CI/CD pipeline, managing authentication keys, and comprehending various industry standards. The interview concludes with a poignant reflection on the pervasive gaps in how organisations safeguard their sensitive data, leaving an indelible impression on the urgency for improvement.