These library resources require an Ounce Labs ID. Log in or register.

Managing the Risk of Identity Theft:

The Need for Software Security Assurance

Recently reported security breaches have exposed private data of nearly 50 million customers of high-profile companies such as CardSystems, ChoicePoint, Bank of America, LexisNexis, HSBC, Ameritrade, Time Warner, and CitiFinancial, generating attention and alarm among victims, press, and legislators. Breaches of customer information due to lapses in security policy, either at the physical security or application security level, can cost organizations valuable customer and partner loyalty, as well as direct costs for legal expenses and settlements.

According to a Forrester report, many financial services firms, including the most trusted ones, have not taken adequate preventative measures to protect their online channels from attackers. Consumers and businesses constantly rely on electronic information systems to store, transmit, and manage their most important, private data. Forrester underscores that a primary threat to this data is introduced because of security vulnerabilities in the software on which it resides. As e-commerce, online banking, and other Web transactions increase in size and frequency, criminals are finding more incentive in targeting identity-related information for theft.

This paper uses key examples to discuss causes, costs, liability, and solutions to help organizations secure their software and avoid becoming the next victim in what will likely be a continued stream of highly-publicized and costly identity theft incidents.

« Back to Library