'[ISN] Why the state of application security is not so healthy'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       isn
Subject:    [ISN] Why the state of application security is not so healthy
From:       InfoSec News <alerts () infosecnews ! org>
Date:       2013-09-24 8:19:05
Message-ID: alpine.DEB.2.02.1309240818540.19035 () infosecnews ! org
[Download RAW message or body]

http://www.csoonline.com/article/740164/why-the-state-of-application-security-is-not-so-healthy

By George V. Hulme
CSO Online
September 23, 2013

Application security is an alarming and persistent problem: Nearly 
one-third of all breaches can be attributed to attacks against web 
applications, and both web application and database attacks account for 
most records breached every year. That's according to the Verizon 2013 
Data Breach Investigations Report, which looked at 47,000 reported 
security incidents and 621 confirmed data breaches during the year prior 
to the report.

Web applications – because they are so easy to exploit and provide access 
into enterprise data – have long been top targets of attackers. That's why 
it's so surprising, or at least disappointing, that so many organizations 
pay application security such little attention.

For instance, our 2012 Global Information Security Survey, which was 
conducted by CSO and CIO magazines and PricewaterhouseCoopers and asked 
12,052 business and technology executives about their organizations' 
security efforts. The survey found that only 35 percent of those 
questioned actually include application security in their internal 
security policies.

Fortunately, not every company is so lax. Consider Menlo Park, CA-based 
medical image sharing startup Image32. Founded in 2011, Image32 aims to 
help ease patient and doctor pain when it comes to sharing medical images 
such as X-Rays, CT Scans, and MRIs. "If all of your care takes place 
within the same hospital building, sharing these images among doctors is 
typically no trouble at all," says Image32 founder and CEO Bob Pellican. 
"However, because of security concerns, once a patient goes to another 
medical building, they will most likely need to copy all of their images 
to a CD or DVD and carry them around from specialist to specialist," he 
says.

[...]



--
Find the best InfoSec talent without breaking your
recruiting budget! Post a Job, $99 for 31 days.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic