In the U.S., this is the time on the corporate calendar when National Cybersecurity Month is marked. An important area within this framework is the importance of having clean codes and trouble-free coding.
According to Olivier Gaudin, Co-CEO & Founder, Sonar, the series of events for October 2023 are essential for promoting change. However, it is important that business leaders sit up and take notice.
Gaudin states: “A message to business leaders and technical folks alike: Software is immensely pervasive and foundational to innovation and market leadership. And if software starts with code, then secure or insecure code starts in development, which means organizations should be looking critically at how their code is developed.”
There is a reason for this: “Only when code is clean (that is, consistent, intentional, adaptable, responsible) can security, reliability, and maintainability of software be ensured.”
In terms of how the state of play is looking, Gaudin advises people not to become too complacent: “Yes, there has been increased attention to AppSec/software security and impressive developments in this arena. But still, these effort are being done after the fact, that is after the code is produced.”
The consequences, otherwise, are severe: “Failing to do this as part of the coding phase will not produce the radical change that our industry needs. Bad code is the biggest business liability that organizations face, whether they know it or not.”
Gaudin also cautions that many businesses simply do not know: “The chances are they don’t know it. Under their noses, there is technical debt accumulating, leading to developers wasting time on remediation, paying some small interest for any change they make, and applications being largely insecure and unreliable, making them a liability to the business.”
The generative AI revolution will probably only make matters worse, according to Gaudin: “With AI-generated code increasing the volume and speed of output without an eye toward code quality, this problem will only worsen. The world needs Clean Code.”
This should become a campaign point; “During Cybersecurity Awareness Month, we urge organizations to take the time to understand and adopt a ‘Clean as You Code’ approach. In turn, this will stop the technical debt leak, but also remediate existing debt whenever changing code, reducing drastically the cybersecurity risks, which is absolutely necessary for businesses to compete and win — especially in the age of AI.”