News, Security

Why neglecting security in software testing is asking for trouble

A handful of CIOs from a variety of industries came together on Monday to discuss the role of software testing in digital transformation.

software testing
A handful of IT executives from a variety of industries came together on Monday to discuss the role of software testing in digital transformation.

Abdul Rahman Jaroudi, head of IT at Ajman Bank, kicked things off by saying that he is from the school of those who “doesn’t believe in testing outside of the organisation,” based on his personal experiences in the past.

“We have done some externally-led testing outside of the bank in the past, and we always ran into a range of challenges when it came to the tests being brought back into the organisation.”

Ahmed Al Ahmed, CIO at Nakheel, could sympathise with having faced similar issues himself. “It boils down to what you’re going to test,” he said. “In many cases, testers are keen to wait until the end of a project’s development before thinking about what it is they’re going to test – when in fact, this is wrong. Instead, it should be pre-planned, and the testing should begin at the initial stages of the application’s development.”

Nitin Bhargava, CTO at Mashreq Bank, said that security, performance and infrastructure testing are generally left until the end because “businesses believe they need the full construct before carrying out tests.”

However, he added that automation is key within this testing process, which was highlighted by his decision to get rid of Mashreq’s centralised testing team upon his appointment in 2015.

Ahmad Al Emadi, CISO at Dubai Municipality, gave an interesting spin on the conversation by highlighting the crucial role of security testing when deploying new applications. “All too often, organisations believe that leaving the security testing to the end of the testing process will suffice – it won’t. While there are benefits to this method, there are also severe cons, and we have recently implemented changes to ensure that security and quality assurance testing is integrated throughout the application testing process.”

He went on to add that the biggest risk most organisations face nowadays is operational systems going out of date, and “Microsoft is not even patching them.”

Vijay Jain, group head of IT at Truebell, Zubin Sutaria, information systems manager at Drake & Scull, Sayed Rahman, head of IT at SEWA, Shailesh Mani, CIO of Flemingo International and Aliasgar Bohari, IT director at Zulekha Hospital were also present during the discussion.

The roundtable was held in collaboration with Kualitatem, on the sidelines of Tahawul Tech and CPI Media Group’s CIO 100 Awards on Monday at Jumeirah Beach Hotel. 

Previous ArticleNext Article

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.


The free newsletter covering the top industry headlines