

Survey Shows Nearly Half of IT Professionals Polled Feel Their Web Sites Are Not Secure, but Only 40 Percent of Them Test Sites on a Regular Basis
Tuesday, October 13, 2009 10:53 AM


(Source: MARKETWIRE) SC World Congress -- Web application security and hackers are a key business issue, and in some cases the biggest threat for organizations. With intellectual property, critical client data and trade secrets being housed on internal and external Web applications, a security breach has the potential to destroy company reputation, brand and the business itself.

So in spite of the fact that the majority of IT professionals polled think their Web sites might not be secure, why are 63 percent of companies only testing their Web applications on a quarterly basis or less often? How are only 28 percent of respondents unaware of a security breach ever occurring at their company?

This data, culled from nearly 400 IT professionals, almost 50 percent of whom had annual corporate revenue of $100 million or more, comes from a survey on Web application security conducted by eMedia and sponsored by Cenzic. These results are surprising given recent high-profile cybercrime headlines and an industry statistic those in the security trenches live by -- that, according to Gartner, 75 percent of all deployed Web applications are vulnerable to attack.

If management doesn't understand the seriousness of Web application security, how can the company's security professionals possibly get the support and financial backing they need to protect corporate assets? Buy-in from various levels of an organization is key; garner support by following these best practices:

-- Effectively communicate the issue and build application security awareness. Executive management might not understand the impact or urgency of fixing security defects. Explain the importance of preventing a data breach, identity theft, unauthorized access and downed websites. Be sure to stay clear of jargon and use real-world examples highlighting damages to companies. It's important to provide training on Web security issues to all functions and not just developers.

-- Align your security strategy with business objectives. Discuss specific management goals and point out how a security breach could stand in the way of meeting these objectives, be they revenue or corporate reputation goals.

-- Calculate the ROI. The cost of a breach can be $500K or more per incident. For example, the Heartland Payment Systems breach is estimated to have cost the company $12.6 million along with damage to its reputation and a dramatic drop in the company's stock price.

-- Cite laws and compliance issues. Be sure to point out penalties for non-compliance with regulatory standards, which can pile up quickly.


