Businesses run on software; it gives us the features and functions needed to make our teams productive. However, this time-saving software introduces risk into the organization. Too frequently, we are excited by the product and choose to trust that security has been addressed during the development of this software, without any proof that secure development practices were followed.
As a result, large organizations may end up running software that accesses their critical data and systems without a true understanding of what vulnerabilities are introduced by those third-party applications. How can enterprises ensure the software they purchase is secure?
We believe all enterprises should ask their third party software suppliers, “Where is the Risk”? If an enterprise’s software provider cannot discuss the steps they take to secure their software, they aren’t doing enough.
Originally posted 2016-02-29 08:40:49.