Sitting with Bounce Security’s founder Avi Douglen, Aviva Zacks of Safety Detective had the opportunity to ask him how the Covid-19 pandemic is changing cybersecurity for the future.
Safety Detective: What drew you to cybersecurity?
Avi Douglen: Back in the 1990s and early 2000s, I was working as a programmer. When you learn skills as a programmer, you start noticing things that are broken, and there is a lot of broken code out there. Awareness of secure coding in cybersecurity was practically nonexistent and the more I went into it, the more I was interested in seeing how I could fix the code.
SD: What does your company do?
AD: Bounce Security is a consulting agency focused on software, application, and product security. The difference between this and most cybersecurity and information security is that it’s all about producing secure software. I work mostly with development companies teaching programmers to write more securely, showing them what could go wrong and how to build a better process so that they produce better code.
I work with the development manager and create what we call SDLC, Security Development Lifecycle, and I show them how to find all the possible threats that could be attacking their system in ways that they didn’t think about before. For example, if you put up a website, there are dozens and dozens of ways that you could be attacked, and as soon as you start developing more specific features, there are even more.
SD: What do you think is the worst cyberthreat today?
AD: The fact that nobody is working in their normal environment because of COVID-19 means that there are a lot more threats around that. But the biggest issue is that developers are not thinking through the threats and the issues of the consequences of what they’re developing.
SD: How do you see the COVID-19 situation affecting cybersecurity for the future?
AD: I think a lot more companies are going to be more open to remote work, and many companies will be moving to the cloud and doing all their work in the cloud. I like to call that pseudo cloud, which is when the cloud is only accessible from the private network that is locked down. Now companies are being forced to open their networks a lot more.
Companies that used to force everybody to work in the same building no longer have that opportunity, and that is not going away anytime soon. Even when people do get back to work, many employees will have to work remotely, and companies are being forced to accept that.