‘Security must be placed in the hands of software developers’

19 Aug 2022

Adi Sharabani. Image: Snyk

Snyk’s new chief technology officer examines some of the biggest challenges facing the security industry right now and why silos must be eliminated.

Adi Sharabani is the CTO of Snyk, a Boston-based cybersecurity company specialising in cloud computing.

Before joining Snyk, Sharabani was a general manager in the enterprise division of Symantec – which was acquired by Broadcom in 2019 – running its endpoint solutions business.

Sharabani joined Symantec via the acquisition of Skycure, a mobile threat defence company that he co-founded in 2012. Prior to founding Skycure, he was a leader in security strategy for IBM software products.

In his current role, he is responsible for setting both the short and long-term vision for Snyk’s security platform. He also oversees Snyk Labs, “where the ideas to fuel our future innovation are born and incubated”.

He told SiliconRepublic.com that he must work closely with Snyk users to understand their pain points. “Having seen first-hand in my previous roles the need to turn the old security playbook upside down, I’m excited to be driving Snyk’s strategy of empowering developers to not only build our digital futures but also secure them.”

‘Delivering secure software quickly has never been more important’

What are some of the biggest challenges you’re facing in the current IT landscape?

DevOps teams operating in silos, external from security platforms and personnel, creates challenges, not only for teams but also those who use their applications, and ensuring security detracts from development time in too many cases.

As such, security is an extra job, a chore even, and is not prioritised from an application’s infancy, creating susceptibility to future breaches. This is a chaotic way for DevOps teams to work.

We address this problem by creating a developer-first security platform. This ensures that developers build security into their continuous development process.

Otherwise, developers must continually backtrack to ensure applications are secure, which is both impractical and potentially dangerous. This focus on understanding developers is why they are so important to driving our technology strategy forward.

What are your thoughts on digital transformation?

We’re living through a wave of digital transformation that is making every company a software development company. From financial services to media and entertainment, or from travel and e-commerce to healthcare and banking, our work and lives have become digital. Because of this, delivering secure software quickly has never been more important.

Unless we move the needle of security forward, this data will be ill-protected. To do so, security must be placed in the hands of software developers.

Security needs to evolve to align with technology, which is a challenge, but putting developers at the heart of security is our best chance to keep pace. Snyk’s platform gives developers the ability to develop securely, freeing them from the shackles of external security procedures. By making security developer-first, it is built into the software, eliminating the need to backtrack to protect, which is often done too late.

On a positive note, digital transformation has changed the way Snyk employees work for good. Physical presence is no longer a requirement for us, or even an amplifier, to our ability to do our best work. We’ve found that digital and virtual collaboration has expedited productivity in many ways, democratising meetings and voices to lead to a more inclusive and equal environment. I don’t see us turning back.

How can sustainability be addressed from an IT perspective?

Businesses are the largest contributor to climate change, whether they specialise in IT or not. Therefore, it’s up to us to take responsibility and lead the sustainability charge in our respective industries.

This must be done with authenticity and transparency. Otherwise, we will only be cheating ourselves and the communities we serve and protect. I believe that sustainability must be fully woven into how we construct our overall business strategy and plans, design and build products, engage our networks, go to market and measure our success.

Our entire ecosystem must be enabled to partner with us to drive long-term social, environmental and financial returns.

What big tech trends do you believe are changing the world?

I believe that the decentralisation of security will change DevOps. Security, in many cases, exists detached from where it is needed and where decisions are made, creating a challenge for development teams.

Developers who must prioritise security in their operations find this difficult from within silos, as security solutions lack the agility to engage with them comprehensively. Security should not be located in a separate team but as an extension of the development and operations team.

We’re helping shift the ownership of security from independent teams to a developer-first security platform designed to serve them. This puts security in the hands of the people with the greatest power to implement it.

The extent to which security can reach in the development process then has no limitations while still providing teams with the freedom they desire. I think decentralisation will open up more of the business world to ensuring security in their development process and its convenience and benefits can no longer be ignored. It’s certainly very exciting and a DevOps game changer.

How can we address the security challenges currently facing your industry?

We need to place developers at the kernel of our strategies. At the end of the day, they are the people responsible for building and maintaining applications and software – and when vulnerabilities are exploited, they are very often handed the blame.

Thus, they need our support more than ever to push security forward in line with digital transformation. Listening to their pain points and their needs must drive how we overcome security challenges.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.