Many of us breathed a sigh of relief when 2020 was over and we welcomed the new year. While nobody could have foreseen the major events of last year, it’s a NowSecure tradition to make annual predictions for the world of mobile application security and mobile app privacy.
The pandemic taught us that mobile apps are critical to connections and e-commerce, and threat actors have followed. Going where the traffic is, attackers increasingly target mobile apps. (See our recap of the top 5 mobile app security incidents of 2020.)
The pandemic taught us that mobile apps are critical to connections and e-commerce, and threat actors have followed.
So what does the future hold for mobile appsec, mobile app privacy and mobile DevSecOps? We asked NowSecure experts to peer into the crystal ball to forecast the future. What follows are their best insights and predictions for what you can expect to see in 2021.
- “The SolarWinds hack will put software supply-chain security back under the microscope and create increased pressure on mobile app developers and open-source software suppliers to provide assurances around the security of their dependencies. A variety of new offerings will enter the market claiming to address software supply chain security.”
—Dawn Isabel, Research Engineer
Recognition of Enterprise Risk
- “The market will recognize that mobile apps are the gateway to the enterprise for more than 60% of all transactions and a gateway that must be secured because it has authenticated access to the enterprise.” — Alan Snyder, CEO
Intensified Focus on Privacy
- “User data privacy will continue to be a major talking point in 2021. Recent privacy-focused changes such as Apple’s new App Store® privacy labels have been positively received by app users but criticized by app developers with ad-based/data collection revenue models. With users becoming more privacy literate, app developers will likely be forced to reevaluate the permissions their apps request and the data they collect.” — Rono Dasgupta, Research Engineer
Growing Interest in Standards and Compliance
- “Standards continue to become more important in 2021. Mobile developers will be expected to write their applications to adhere to more regulatory guidelines than ever before.” — Michael Krueger, Director of Application Security
Hybrid DevSecOps Roles
- “We’ll see accelerated emergence of hybrid roles across Sec/Dev/Prod where either a security person or a person responsible for security is embedded from the beginning to the end of the process.” — Jenifer Bauer, Director of Customer Experience
IT and OT Converge
- “IT/OT (Information Technology/Operational Technology) convergence becomes cooler to say than DevSecOps”. — Tony Ramirez, Senior Mobile Application Security Analyst
- “Security leaders will be encouraged to share data and collaborate for a more effective mobile app security plan. For example, financial institutions that have the pulse of the financial health/risk of their customers and data from their partners will play a major role in identifying and minimizing this risk together.” — Miriam Roberts, Enterprise Sales Manager
Mobile IoT Takes Off
- “The widespread use of Mobile IoT in organizationes, homes, factories, cars, wearables and more will drive the need for standards and tools for integrated Mobile IoT security testing.” — Brian Reed, Chief Mobility Officer
As 2021 unfolds and we discover how many of these predictions transpire, keep up with the latest DevSecOps and mobile application security news by subscribing to our twice-monthly All Things Mobile DevSecOps newsletter.
One thing that should not be a mystery for anyone is the security and privacy posture of the mobile apps your company builds and purchases. NowSecure automated mobile application security testing solutions and penetration testing and training services identify the broadest array of security threats, compliance gaps and privacy risks to help you protect your organization and your users. Get a free mobile security and privacy risk report now to see what you’re missing.