The Business Times

Beware of mistakes that can compromise IT security: Gartner

It cautions against treating security of products, applications as an afterthought

Published Sun, Oct 13, 2013 · 10:00 PM
Share this article.

A SIGNIFICANT number of IT products and applications do not have adequate security, and this includes high-assurance systems such as payment systems and electronic voting machines, warned Ray Wagner, Gartner's managing VP for Secure Business Enablement. One reason for this is that security is treated as an afterthought, he said.

Mr Wagner noted that many software providers and project managers do not factor security into an application or device from the earliest stages. "It's difficult enough to close off possible attack paths during the design phase, and it is nearly impossible after deployment - particularly since the product will typically be maintained and updated by personnel who did not participate in the product development and may not fully understand its underlying architecture and design principles," he explained.

Problems also arise when trained security practitioners are not involved in the design and implementation.

BT is now on Telegram!

For daily updates on weekdays and specially selected content for the weekend. Subscribe to



Get the latest coverage and full access to all BT premium content.


Browse corporate subscription here