Have you ever had your computer systems attacked from the outside? I have had this happen twice; both times through SQL Injection. Surprisingly this continues to be an issue for developers. The methods of attack are well known. The techniques to disable SQL Injection are well known. Still, systems are being developed enabling SQL Injection.
A couple things to take away from this:
1) Don’t trust that software you purchase or create internally is safe
2) Do you know what you would do if you were attacked?
The second point, or question is the core issue I want to raise today. Do you know what you would do if your systems were being attacked? That’s the question in a nutshell. Do you need to be prepared should an attack occur. I have seen it personally twice in commercial situations in the last 10 years and have contact with at least one other company. That’s a pretty good percentage.
So you have a plan? Do you have your systems assessed for vulnerabilities? What are you going to do when it comes to you? Share your thoughts online or by email to btaylor@sswug.org.
Cheers,
Ben