API Security Still Overlooked, Says Contxt CEO Mayur Upadhyaya
Application programming interfaces or APIs are essential building blocks of the modern digital world. They connect different software and services, enabling them to work together and share data. Unfortunately, despite their widespread use, API security remains overlooked.
During the recent Infosecurity Europe event, Mayur Upadhyaya, CEO of Contxt, highlighted several key points about the importance of API security:
- APIs have become vital to people’s digital lives, and their usage has accelerated during the pandemic.
- API security is often neglected, and API access vulnerabilities are exploited in the majority of data breaches.
- API security is not just an IT issue but also a business issue that requires collaboration between experts from different departments.
The Need for Better API Security
Upadhyaya emphasized the importance of improving API security in today’s connected digital world. APIs have become fundamental to our daily lives, enabling the exchange of information between various software and services. However, this also makes them a target for cybercriminals seeking sensitive data.
APIs are one of the weakest links in today’s cybersecurity defense. They provide easy access to valuable data, and their security is often neglected. According to Upadhyaya, more than 80% of data breaches are caused by API access vulnerabilities, and many of these breaches go undetected for months.
To make matters worse, API vulnerabilities are often difficult to detect and remediate. Unlike traditional application vulnerabilities, API vulnerabilities are more challenging to exploit and require more specialized knowledge. Companies need to focus on API security with the same level of attention as traditional security methods, such as firewalls and anti-virus solutions.
Collaboration for Better API Security
Upadhyaya also stressed the need for collaboration between different departments within an organization to improve API security. API security is not just an IT issue; it is a business issue that requires collaboration between IT experts, developers, and business stakeholders.
API security should be incorporated into every stage of the development cycle, from planning to testing and deployment. Companies must prioritize API security by incorporating it into their overall cybersecurity strategy and ensuring that they have the necessary resources and expertise.
API security is a critical issue that needs more attention in today’s interconnected digital world. Companies need to prioritize API security by incorporating it into their overall cybersecurity strategy, collaborating between different departments, and ensuring that they have the necessary resources and expertise. By doing so, they can protect themselves and their customers from the serious consequences of a data breach.Original Article: https://www.infosecurity-magazine.com/news/infosecurity-api-security-next-big/