|
 The issue of software vulnerabilities and their impact on information security and organizational downtime is well known. But it doesn’t have to be accepted. CPNI, the UK Centre for the Protection of National Infrastructure, has published a list of questions that procurement teams, business risk managers and information security professionals should be asking vendors to try and gain control in this area.
The document, written in May 2010 but only just announced, encourages purchasers to be much more proactive prior to software purchase. “Asking questions about the security of products right at the beginning of a procurement cycle, organisations are more likely to receive a better product at the end; one that does not require quite so many updates and cause so much downtime,” states the document. “Secure code should be one of the ‘features’ that customers demand.”
Read the document (PDF).
•Date: 3rd Sept 2010 • Region: UK/World •Type: Article •Topic: ISM news
Rate this article or make a comment - click here
|
