Davey Winder
Tuesday, 01 July 2008 15:12
More than 60 percent of IT security professionals believe that outsourcing code increases the likelihood of hacking, according to the results of a new survey. 81 percent of them admitted their applications were vulnerable...
The results of a survey undertaken by security outfit
Fortify Software at the recent InfoSecurity Europe 2008 event
make for uncomfortable reading. The 300 IT security professionals
questioned have, quite frankly, painted a very bleak picture of the
corporate security landscape today.
An overwhelming 81 percent of them admitted that
their own business-critical applications are vulnerable to hacking,
with nearly a third going as far as to say they were "very worried"
about the situation. A third also reckon that hacking attempts at the
corporate level are a daily occurrence. More worrying, they
collectively put their hands up and revealed that 17 percent of those
attempts were actually successful.
Which would seem to suggest that the most common form of security
defence, the good old-fashioned firewall, is not doing its job
properly. Yet when it comes to protecting the company application
software from exploitation, some 98 percent went down the firewall road
by default.
It's not all bad news though, as a heartening 67 percent of the IT
security professionals questioned said that their companies use
penetration testing to weed out vulnerabilities. A further 41 percent
also use static analysis software as part of their defence systems.
Perhaps the most striking statistic to come out of this survey, though,
concerns the practice of outsourcing. More than 60 percent of those
asked said that they believed the process of outsourcing code increases
the likelihood of hacking, with 55 percent confirming that it is much
safer to write such code internally.