The Sans Top 20 was released on November 27^th, and two key issues which have been identified are web application security and social engineering.

 

As organisations are focusing on ensuring that their network defences become more robust, the use of phishing and other social engineering attacks are on the increase. To defend against this type of attack requires constant efforts to educate staff and maintain their awareness of the dangers of revealing information, either online or in person.

 

Web application security is highlighted as a particular problem as the majority of software is being developed without using techniques to ensure it is secure. The risk is heightened as many Web applications then provide access to back-end databases that may hold sensitive information with security often only considered as an afterthought.

 

MWR InfoSecurity provides consultancy and testing throughout the software development lifecycle, working with clients to ensure that security is at the heart of any software development, which is the safest and most cost effective solution.

For the full report click here.