How to Create a Business Case for Web Application Security
The security of web applications, particularly those that are transaction platforms and those in a constant state of change, is costly to achieve and to maintain. Now, pile on privacy and regulatory-compliance testing and remediating, and the related costs become frustrating to senior managers who see no tangible or visible improvement to the web applications. These expenses must be cost justified in terms of risk and return on investment.
The key to getting the IT security governance committee to fund the appropriate compliance budget is to speak its language. In order to do ...