Staying Ahead of the Curve—QA Strategies From Real Time Security Breaches


Deepika Mamnani

January 23, 2015

Life can only be understood backwards. The wise, learn from past world events and move forward.The  recent break up of a gun smuggling ring at the Atlanta airport  and the hacking of the Twitter and YouTube accounts of the U.S. Central Command has raised security concerns on everyone’s minds.These and other global events have  exposed new vulnerabilities in the cyber and human security network points. Technology, study of human behavior and testing of the same clearly needs to keep up with this dynamic situation by providing just in time detailed, secure information to the government agencies, law enforcement, transportation hubs and the public.

A QA professional can learn a lot from these incidents in building their strategies across all domains.Here are some thoughts that one would do well to think about:

  • Identifying new penetration points: Attacks  have now changed to the digital social media world which has become one of the largest penetration points for security breaches.
  • Changing profiles: Data suggests that criminal profile is constantly changing and includes all genders and backgrounds. In the Atlanta airport case, it were employees of a leading airline with approved background verification. Hence we continuously need to study subject behavior, periodically revalidate and update our test data.
  • Innovative data tests: Recent news states, that it is possible to foil biometric fingerprint security by using commercial software and a couple of high resolution photos. This clearly indicates the need to constantly determine new data sources.
  • Digital interconnected testing: The management and traceability of any security breach requires sophisticated systems  inter-connected with real time data. This is not possible without just in time data simulation tests.
  • Real time Synchronization of environments:  Sharing intelligence information globally, implying instant synchronization can play a key role in foiling such attacks.
  • Adoption of cloud based and virtualization technologies for monitoring: Even if security has a solid data base profiling key potential suspects, there is yet the herculean task of monitoring digital footprint of all suspects, all the time. This can be greatly eased by using cloud infrastructure and virtualization techniques for 24 X 7 monitoring.
  • Importance of testing localized integrated systems: In this scenario, testing of security, intelligence, travel, and immigration data across all geographies and channels.

It is not the strongest of the species that survive, or the most intelligent, but the one most responsive to change. Be that individual. Stay ahead of the curve.

Great ! Thanks for your subscription !

You will soon receive the first Content Loop Newsletter