Forrester Research has found that 39% of surveyed organizations currently use low-code to empower citizen developers and another 27% plan to do so in the next year. This is an exciting opportunity for business professionals and their companies alike, representing increased efficiencies, effectiveness and ability to scale. However, as Forrester also notes, this comes with significant risks – and the analyst firm has gone so far as to predict a headline security breach at a major enterprise in 2023 as a direct result of low-code/no-code (LCNC) development.
As Zenity’s CTO Michael Bargury puts it in his latest Dark Reading column, the fact that Forrester is “forecasting that this major breach would be the result of business users, i.e. citizen developers, using LCNC, is an extraordinary attempt to wake up the security community before it’s too late.”
There’s a risk that Forrester’s prediction will be overlooked in the wave of breach fatigue that has left even cybersecurity professionals desensitized to warnings about cyber risks, due to the flood of breaches and the inevitability of major breaches occurring in any given year. The LCNC context, however, makes this warning different in important and fascinating ways.
As Bargury explains, “This prediction is so powerful since it comes in strong contrast to the tendency some security teams have to treat apps built by business users as toys or POCs rather than critical infrastructure. This assumption, warns Forrester, is wrong and will lead to dire results. In recent years, LCNC has become a reality in the enterprise, and business users have been building impactful apps that large organizations now rely on with or without the security team’s knowledge.”
To read Bargury’s in-depth analysis of Forrester’s prediction and what it means for businesses, citizen development and cybersecurity – as well as why the warning is also good news in disguise – head over to Dark Reading now.