Send2Press.com • Today is Saturday, July 31, 2010   A Member of the Neotrope News Network Neotrope®
Affordable Newswire Services and Targeted Distribution
Send2Press Newswire - Press Release Writing, Targeted News Distribution and Media Relations since 1983
 |  Daily News Desk  |  Journalist Tools  |  RSS Feeds  |  Send2Press® Home Page  |  Send2Press® Services  |  Press Release Distribution  |  Press Release Writing  |  About Send2Press  | 
Press Release Distribution
 Search Send2Press.com:
Newswire Services
  Translate Page:    
PRESS RELEASE : U.S. and World News : Computing News
Insecure Applications Cost Users Billions, says The Security Consortium

Mon, 19 Mar 2007, 15:15:00 EDT
 Edited by Debra Tone
Email this news story Print this news story  Contact Info

SAN JOSE, Calif. - Mar. 19 (SEND2PRESS NEWSWIRE) -- Businesses could reduce their losses from data theft and intrusions if vendors would add dedicated security testing to their product development life cycle, says Mark Kadrich, CEO of San Jose-based Security Consortium (www.thesecurityconsortium.net), and author of "Endpoint Security" (ISBN 0-321-43695-4), to be released in June by Addison Wesley.

Buggy software is costing businesses and consumers billions in terms of clean up costs ($60 billion annually, according to a NIST study(*1), downtime (2.2 percent of enterprise revenues last year - about $30 million per enterprise, according to Infonetics), and privacy leaks (which cost businesses and consumers $49.3 billion in 2006, according Javelin Research).

Third party testing organizations like NIST's Common Criteria are moving in the right direction. But they fail to get down to how the application will work when introduced into the variety of environments wherein these applications will interact. Testing frameworks and standards are beginning to emerge, like those presented in a well-defined Carnegie Mellon paper(*2) on built-in security. And the Open Web Application Security working group also has an end-to-end framework for testing, but it only applies to Web applications.

"But what we're seeing is that nobody's taking the time to build a practicable methodology and test how new security applications will really interact inside your enterprise environment and predict outcome," says Kadrich.

The Consortium combines the product testing leadership and methodology of veteran testers with investigative field research to produce unbiased, realistic reports predicting how the product will interact within a client enterprise in support of its strategic goals, including how to work with the inadequacies of the product for maximum protection - and, in some cases, offer alternatives.

A recent network manager interviewed by Deb Radcliff, the Consortium's VP of publishing and field research, could have saved $250,000 in up front costs and a year's worth of trouble through a service like this. Her source, owner/operator of a managed services company for 250-range user organizations, could not go on record with the vendor name. But he does say it never lived up to its promise to integrate so he could upgrade his clients to manage their security devices.

"We never got our money back," says the disgruntled corporate consumer of said product. "We lost $250,000 - and that's not counting the missed revenues from not being able to upsell our managed security offering during that period."

Having been on both the buying side and the selling side of this process, Kadrich says vendors need to create best practices around testing their products for vulnerabilities in its interactions with other network traffic before, during and after product development.

For now, though, it's up to user organizations to make testing a larger priority than they already are by developing policies and processes and dedicating more human resources to thoroughly stress test new applications before allowing them to interact with the rest of the enterprise.

For more information visit www.thesecurityconsortium.net or contact:
Deva Loveland, of The Security Consortium, Inc., +1-408-971-0984.


(*1) Reference to NIST paper: www.nist.gov/director/prog-ofc/report02-3.pdf

(*2) Reference to Carnegie Mellon's "Build security in" document: https://buildsecurityin.us-cert.gov/daisy/bsi/articles/best-practices/requirements/532.html


Text provided by the news source.
NEWS SOURCE:  The Security Consortium, Inc.
Send2Press® is the originating wire service for this story.  Terms of Use
THE CONTENT OF THE ABOVE PRESS RELEASE WAS PROVIDED BY THE NEWS SOURCE (The Security Consortium, Inc.), WHO IS SOLELY RESPONSIBLE FOR ITS ACCURACY. FOR QUESTIONS ABOUT THIS STORY CONTACT THE NEWS SOURCE AND NOT THIS WEBSITE.

Latest News from Send2Press Newswire:
U.S. and World News
More News This Topic

Additional News on Similar Topics:
Computing
More News This Topic
  Additional Related News from
  The Security Consortium, Inc.

  Reader Resources
Share or Save Story with Bookmarks
Use one of the link buttons, below, to save, share, or bookmark this page for friends and/or future reference.
  Google  reddit Reddit  diigo Diigo
 delicious Delicious  Yahoo! Yahoo!  digg Digg
 blinklist Blinklist  blogmarks Blogmarks  Mixx! Mixx
Facebook  newsvine Newsvine
Subscribe Using Popular Social Tools
Use these tools to "subscribe" to the Send2Press Newswire feed of daily news content.
Add News to Google   Add News to My Yahoo!
Add News to MyMSN   Add to My Wikio
  Choose RSS Feeds by News Topic

Free News Feeds for Your Blog or Website!
 Add news like this to your website with one click.
Simple Javascript copy-paste, or full RSS 2.0,
or Wordpress plugin.
Best of all, it's totally FREE!

Choose from city, state, or industry topics (over 300!). Most main topics updated weekly including business, entertainment and technology news.
CLICK HERE to LEARN MORE  


 
 U.S. and World News
 Advertising and Marketing
 Aerospace and Aviation
 Agriculture and Farming
 Apple, Mac, iPod and iPhone
 Auction and Online Auctions
 Auto and Motorsports
 Banking and Finance
 Beauty Products
 Boating, Marine and Maritime
 Business
 Communication Arts
 Company Profiles
 Compliance Training and Seminars
 Computing
 Biometrics and Bioware 
 Events and Shows 
 Hardware and Peripherals 
 LBS and GPS Applications 
 Mobile Computing and PDA 
 Networks and Encryption 
 Software 
 Support and Warranties 
 VAR and IT Consulting 
 Construction and Building
 Corporate Social Responsibility - CSR
 Defense and Military
 Drug Rehabilitation
 Education and Schools
 Electronics
 Employment, HR and Outsourcing
 Energy, Oil and Gas
 Entertainment
 Environment and Ecology
 Facilities and Building Maintenance
 Family, Parenting and Children
 Food and Beverages
 General Editorial
 Global Aid and Disaster Relief
 Government
 Green Business
 Health, Diet and Fitness
 Home and Garden
 HVAC Heating and Cooling
 Insurance
 Internet and Websites
 Jewelry and Diamond
 Legal and Law
 Manufacturing
 Medical
 Mining and Metals
 Mortuary and Cemetery
 NonProfit and Charities
 Plastics and Chemicals
 Police, Fire and Rescue
 Real Estate
 Regional Events
 Religion and Churches
 Restaurant, Hotel and Hospitality
 Safety and Security Solutions
 Sciences
 SEO Experts
 Sports and Activities
 Stamps, Coins and Collectables
 Taxes and Accounting
 Telecommunications and VoIP
 Theme Parks and Attractions
 Trade Shows, Fairs and Expos
 Transportation
 Travel and Tourism
 US and World History
 Veterinary and Pets
 Water and Wastes
 Webinars
 Wood and Glass Products
 
 U.S. State Newswires
 Alabama Business
 Alaska Business
 Arizona Business
 Arkansas Business
 California Business
 Colorado Business
 Connecticut Business
 Delaware Business
 Florida Business
 Georgia Business
 Hawaii Business
 Idaho Business
 Illinois Business
 Indiana Business
 Iowa Business
 Kansas Business
 Kentucky Business
 Louisiana Business
 Maine Business
 Maryland Business
 Massachusetts Business
 Michigan Business
 Minnesota Business
 Mississippi Business
 Missouri Business
 Montana Business
 Nebraska Business
 Nevada Business
 New Hampshire Business
 New Jersey Business
 New Mexico Business
 New York Business
 North Carolina Business
 North Dakota Business
 Ohio Business
 Oklahoma Business
 Oregon Business
 Pennsylvania Business
 Puerto Rico Business
 Rhode Island Business
 South Carolina Business
 South Dakota Business
 Tennessee Business
 Texas Business
 Utah Business
 Vermont Business
 Virginia Business
 Washington D.C. Business
 Washington State Business
 West Virginia Business
 Wisconsin Business
 Wyoming Business
 
 Video News Releases
 
 World Newswires
 Australia Business
 Bahamas Business
 Brazil Business
 Canada Business
 China Business
 Colombia Business
 Germany Business
 Honduras Business
 India Business
 Israel Business
 Italy Business
 Libya Business
 Mexico Business
 Netherlands Business
 Russia Business
 Singapore Business
 Spain Business
 United Kingdom
Terms of Use and License
This "article" version of the issued press release is Copr. © 1983-2010 Neotrope/Send2Press. You may freely link to this article version of the press release or may use the release text as the basis for an original article or news posting. If the content is copied verbatim via a scraping or copy/paste method, the news item must be properly "attributed" to Send2Press® Newswire as the originating wire service for this story (may not be posted on ANY site selling/offering SEO or PR services!). Click here for syndication options.
DISCLAIMER: the above press release content is believed accurate but not guaranteed, and is based on business news supplied by the source. The noted source is solely responsible for its accuracy. Financial/Stock news may contain forward looking statements. Neotrope/Send2Press (this website) makes no claims of accuracy or suitability for any purpose. Any opinions expressed by representatives of company(s) mentioned in news and profiles are solely those of the person indicated, and do not reflect any opinion or policy of Neotrope® or Send2Press. Your use of any information contained herein is done solely at your own risk, and you are fully responsible for using any information herein, or on sites mentioned or linked to in the article. All trademarks acknowledged.

REFERENCES: .
search engine marketing, and search engine optimization since 1995 - powered by ContextEngine(R) press release services, news distribution, press release writing, newswire services
MEDIA READS (by media and public, as of today): 3547 times (1 today, 9 this week, 47 this month, 332 this year)
Site Design and Content is Copr. © 1983 - 2010 Neotrope® - All rights reserved. Send2Press® is a reg. trademark and service mark of NEOTROPE.
Press Release Writing | About Send2Press | Meet Our Staff | Contact Us | Our Services | Help Desk | Legal | Privacy | How-To Articles | RSS Feeds | Headline Feeds | Podcast | PR News Channels | Success Stories | PRTRax™ Reader Tracking | Targeted News Distribution | Internet Marketing Services | Order PR Services | Terms of Service (TOS)