Understanding IT Security Risks
There seems to be a lot of confusion about security terms and concepts. This confusion often leads to poor decisions that waste both valuable time and money. A proactive approach in determining the associated costs of potential losses should a web application breach occur would be the first step in creating countermeasures to reduce the chance of such events ever happening. Without a clear understanding of the proper security requirements and the associated costs, security teams are often misdirected in their persuits. This ends up being counterproductive and often ends in poor decisions or no decisions at all.