Security attacks are moving from today’s well-protected IT network infrastructure to the software that everyone uses – increasing the attack surface to any company, organisation or individual. Paradoxically, productivity-enhancing software that is embraced often invariably houses large amounts of sensitive data, both personal and corporate writes Mano Paul of (ISC)2.

The infamous release-and-patch cycle of software security management can no longer be the modus operandi or tolerated. A growing community of professionals, supported by the global information security professional certification body (ISC)2®, understand that escaping this vicious cycle requires a systemic approach.

Related Articles:
http://www.bcs.org/content/conwebdoc/25662