(Toronto) A new study shows that a majority of engineers and software developers believe tight project deadlines can compromise security.
About 75% of 1,000 workers worldwide who responded to the survey released Tuesday say pressure to deliver projects on time and on budget could compromise critical aspects like safety.
Concern is even greater among engineers and developers in North America, with 77% of respondents on the continent saying the urgency of projects could strain security.
The study was conducted between July and September by research agency Coleman Parkes and commissioned by BlackBerry’s QNX division, which develops connected car technology.
The findings reflect a tug-of-war that engineers and developers face when balancing the need to meet project deadlines with regulations and safety controls that can slow the process.
Striking that balance is a challenge for developers of even the simplest devices due to technological advances, said John Wall, senior vice president of BlackBerry and head of QNX.
“Software is becoming more and more complex and there is more and more software, whether in a vehicle, in a robot, in a toaster, etc. It is therefore increasingly important to be able to patch vulnerabilities to prevent malicious actors from committing malicious acts,” he emphasized.
The medical, industrial and automotive sectors have standardized safety measures and everything they produce goes through rigorous testing, but this work doesn’t happen overnight. It must be done from the beginning and then at each stage of the development process.
“What makes security and safety difficult is that it is an ongoing process,” Wall said. It’s not something you’ve done and it’s over. »
The Waterloo, Ontario-based company found that 90% of respondents said organizations prioritize security.
However, when asked why security might not be a priority for their organization, 46% of respondents pointed to financial pressures and 35% to a lack of resources.
This doesn’t surprise Mr. Wall. Delays have become commonplace in technology development and, in some cases, can push back the launch of vehicle lines by two years, he said.
“We need to make sure people don’t compromise on safety so we can get products out faster,” he said. What we don’t want to see is people skimping on costs and creating unsafe situations. »
The investigation also took a look at security breaches, which have affected major companies like London Drugs, Indigo Books & Music, Giant Tiger and Ticketmaster in recent years.
About 40% of respondents reported experiencing a security breach in their employer’s operating system. These flaws had major consequences for 27% of those surveyed, moderate consequences for 42% and minor consequences for 27%.
“There are vulnerabilities all the time and that’s what makes the job very difficult, because when you ship the software, it probably doesn’t have any security vulnerabilities, but things are discovered after the fact,” noted M .Wall.