Software Development: Like everything else in tech, artificial intelligence is turning the developer world upside down in 2023. In a technology landscape brimming with promise, 2024 promises a paradigm shift for developers everywhere.
Another red flag for 2023 is the reputation of human error, leading to costly haven breaches. Verizon’s 2023 Data Breach Investigations Account revealed that human error was involved in 74% of all violations.
Errors such as abuse of privileges, accidental data disclosure, and falling victim to social engineering attacks occur due to various human factors and the critical consequences of revealing secrets, complains Eva Kontseva, CEO and co-founder of Teleport, developer of the open infrastructure Teleport access platform.
The spread of these problems has led to organizations turning to biometric equipment and identity verification. But attackers, rather than simply being content to steal passwords, are now actively seeking a range of secrets built into an organization’s infrastructure, counting browser cookies, private solutions, API keys, and session tokens, he suggested.
“To keep up with the step of threats, organizations realize they need to move to fully secret authentication by 2024 to protect a wider range of sensitive access points that are still vulnerable to threats,” Kontsevoy told TechNewsWorld.
He predicts that the widespread use of unclassified access in the next year will create immunity to human error and make it much more difficult for attackers to operate.
Forecasting Changes in Development and IT Security
Kontsevoy does not try to describe the changing events that software developers have to deal with. The significant change stems from a historic shift in how companies approach network security. The IT-centric approach of dedicated security teams is a thing of the past.
“We will see the role of security teams shift to consultants and auditors, and engineering teams will be responsible for selecting vendors and implementing security procedures,” he added. “Cybersecurity teams will rule and confirm workflows and systems meet security requirements.”
We’re in the midst of a massive data revolution driven by OpenAI, and artificial intelligence tools will continue to outgrow other developer integration tools, he shared, according to Yoav Abrahami, chief architect and head of Velo at website builder Wix.
These include innovations in DevOps, data mining, and project management. He said basic web vitals will become more critical, forcing developers to pay more attention to them.
“Developers are moving from their local workstations to the cloud. Those who leap will stay ahead of the curve,” he told TechNewsWorld.
Reducing the Role of Legacy Platforms
Digibee executives see three significant changes for developers this year:
- Low code will become more popular as the artificial intelligence boom continues.
- Integration will improve the organizational structure.
- Legacy systems will become obsolete.
There are parallels between use cases and artificial intelligence and low code adoption. According to Digibee CTO Peter Kreslins, AI helps organizations and individuals analyze, interpret, and manage massive data sets, create initial content drafts, find answers to questions, and recite medical images such as X-rays.
AI is growing in all use cases. Likewise, low code removes much of the burden of writing actual code.
Providing high-level direction takes less time because low-code systems are translated into code—similar to how generative AI systems like ChatGPT and Dalle-E save time in generating text or images based on high-level direction.
“As organizations look to expand software development for citizen developers to improve productivity and agility and to enable developers to focus more on system design and architecture rather than coding, low code enables such initiatives. Therefore, we expect low-code use to increase in 2024,” Kreslins told TechNewsWorld.
New IT Integration Practices
By 2024, there will be fewer legacy systems. They can only be described as existing and working systems.
“This is a reasonable description but perhaps too charitable. The reality is that legacy software is a huge barrier to innovation and change,” Kreslins said.
The ability of modern integration platforms to integrate legacy systems with existing systems allows organizations to continue using legacy systems that work well as part of their modern IT stack if they so choose.
“Legacy systems become obsolete but are expensive to replace in industries like financial services, so integrating them increases their use and supports innovation and change,” he said.
Full speed ahead for AIOps
Artificial Intelligence for IT Operations, or AIOps, resolves production a critical role for developers this year. According to Shahid Ahmed, executive vice president of the new ventures and innovation group at NTT, AI adoption is rising exponentially, and with AGI and the technological singularity still in the distant future, humans will be an essential part of the AI story.
“Organizations must look beyond next year to ensure they can embrace new technologies in the future and strive to achieve sustainability goals,” he told TechNewsWorld.
With the pace of AIOps development, the idea of a fully automated network operations center (NOC) with the lights off quickly becomes ideal. Ahmed predicts that over the next 12 months, network companies will continue introducing AIO into their more extensive operations to improve network quality, support engineers, and modernize infrastructure.
He expects the Dark NOC concept to enter the lexicon of the online world this year. While automation is at the core, human talent will be the key to success.
“Network providers need to focus on upskilling as well as providing the necessary training from a technology perspective, from standardizing APIs to optimizing data processes,” he added.
Developers welcome Practical Security Innovations.
Attackers will continue to attack the software supply chain, realizing the cost-effectiveness of compromising a key target with many downstream consumers, predicts Chris Hughes, principal security advisor at Endor Labs and cyber innovation fellow at CISA.
Attackers continue to realize that attacking a software vendor using its proprietary software or a widely used open-source software (OSS) library is more effective than attacking individual organizations.
“In 2024, we will last to see an increase in software supply chain attacks as attackers seek to capitalize on the sophisticated and unobservable software supply chain attacks common in most large enterprise environments,” he told TechNewsWorld.
This fact will stimulate further development of topics such as safety by design and software-responsible products. Hughes said platform providers will continue to try to make systemic changes, making safe changes to the platform that many tin profit after.
“Software liability will last and be a hotly debated topic. Many fear it will stifle innovation, while others say it is high time to hold software vendors accountable for the products they distribute to clients and consumers,” he argues.
Cases such as Progress Software’s MOVEit infringement and class action lawsuits exemplify what software providers can expect and the rise in false claims.
Meta can make Programmers Better.
With the arrival of 2023, Meta announced its Purple Llama tool, which empowers developers, improves security and creates an open ecosystem.
Purple Llama is an umbrella project of open trust and security tools. It benchmarks that aim to level the playing field for developers to deploy generative AI models and experiences following best practices responsibly.
“Organizations are committed to adopting cybersecurity best practices to protect models and investing in security measures to ensure AI systems are protected at all stages of the AI lifecycle to prevent unintended behavior or potential hacking algorithms,” Nicole Carignan, VP of Strategic Cyber AI . in Darktrace, told TechNewsWorld.
He added that the best approach to AI safety is varied and requires active collaboration from various global experts and perspectives.
“We expect that international cooperation and public and private area participation will be essential to ensuring the safety of AI around the world,” Carignan said.
While the project is based on Meta’s proposal, anything that helps dominate the possible Wild West is upright for the ecosystem, added Gareth Lindahl-Wise, chief information security officer at managed detection and response (MDR) provider Ontinue.
“We are likely to see similar offerings from consumer-facing and corporate-facing vendors, and we are already taking the first steps into the new area of due diligence,” Lindahl-Weise said.
Consolidation to Meet Regulatory Pressure
Software developers may need cybersecurity more directly than their IT counterparts. According to Teleport’s Kontseva, their industry will face even more pressure from regulators.
“Most of the world is now controlled by software. As a result, prominent cryptography experts like Bruce Schneier have advocated for more regulation, even arguing that we need to start regulating software the same way we regulate airspace,” he said.
While there is no silver bullet (and he doesn’t recommend regulating all software per se), mission-critical software systems, comparable to aircraft in terms of damage potential, may require it, Kontsevoy added.
It’s no coincidence that Gartner predicts that 45% of CISOs will expand their responsibilities beyond cybersecurity due to increased regulatory pressure and an expanding attack surface.
