Bellanger said, “Like any new environment, it takes time to figure things out. They realize the defenses they put in place are not working. There is a lot of money, and our apps are getting hacked, so we need to catch up with security.”
Having an application in the cloud is just having an application in multiple data centers. Companies have to understand what is being done to protect the applications in every environment. Bellanger said, “Move the security to the core of the application and build the security infrastructure into the application itself.”
Self-defending applications, Bellanger said, “Bridges the gap in the fragmented ecosystem.” The architecture will continue to change along with the underlying infrastructure, so the way to bridge the gap is to make sure developers are building good applications and software.
According to the Forrester Research report, security and risk professionals increasingly say they want what Bellanger suggests: Vendors to build security into their products and services, but before deploying products, enterprises need to evaluate tools and verify that they are effective.
Security professionals “Need visibility into the interaction between users, apps, and data across a multitude of devices and the ability to set and enforce one set of policies irrespective of whether the user is connected to the corporate network,” Holland said in his report.
“Enterprises are still trying to sort out what is hype and what can actually be helpful,” Holland said. Focusing on agility and visibility as they adapt to new environments will help developers build applications and defenders secure their data in more effective and efficient ways.
Sign up for CIO Asia eNewsletters.