Do Software Programmers Need to Use Cybersecurity?

Yes!!! If the software does not have cybersecurity built in from the start you will spend decades trying to patch holes. For example, Microsoft spent much of the 90’s and early 2000’s trying to make Windows safe. Facebook is now dumping tons of money into patching vulnerabilities that could have been avoided during the coding process.

The basic programming skills and some Linux commands along with the knowledge of computer architecture will make a well-rounded IT professional. I suggest a flavor of Debian and a widely used programming language like Java.  As a cyber-security professional, you should also be able to recognize a piece of executable code or a piece of code that does not belong. Many random pieces of code have been found in software and on hardware while in development phases. Some of the attempted hackings on the Pentagon are from rouge code inserted during development (Lynn, 2010).

 Every employee who has the authority to set cyber security policy should know enough to be able to determine what effect the policy will have on the programmer or the software. A basic knowledge of how code works and how an operating system is configured will guide a policy maker in the decisions. One suggestion I have to improve the security posture is to use more open-source code. This topic is controversial but many experts believe that open-source code is safer than the code that is kept hidden from outsiders. The many sets of eyes looking at the freely published code are often better than any formal code review (The Economist, 2008).

References

Lynn, W. I. (2010). Defending a New Domain. Retrieved from US Cyber Command: http://www.defense.gov/home/features/2010/0410_cybersec/lynn-article1.aspx

The Economist. (2008, December 4). Marching off to cyberwar. Retrieved from The Economist: http://www.economist.com/node/12673385