Saturday, March 04, 2006

The Risks of a Lack of Web Security Testing

Why should an organisation care about compromise of their systems?

Direct Financial Loss - If a payments system is being operated, the contracts with the banks and the credit card organisations will specify significant financial penalties and charges that will be levied in cases of continuing fraud. In addition, the costs of shipped goods for which payment will not be recovered need to be taken into account.

Loss of Reputation - Many hackers do it for the public recognition, and will therefore publicise the compromise of a site. Security news sites are also very quick to learn of compromises. The UK consumer is still nervous about transmitting payments information across the web - gaining a reputation as an insecure site will affect internet business growth.

Legal Repercussions - The Data Protection Act places a legal responsibility on organisations to keep person-identifiable data secure. The Data Protection Registrar civil damages suits from affected individuals. Also, exposure of commercially sensitive data acquired under contract or privilege may lead to damages suits from affected parties.


