UK banks ignore security audit findings
Some UK corporates routinely ignore the findings of security audits treating them solely as a necessary step to satisfy corporate governance regulations, according to an experienced penetration tester.
Tim Ecott, managing consultant at security integrator Integralis, explained that banks and other financial institutions are told they have to carry out a penetration test to comply with audits. In some cases - perhaps five per cent - Ecott and his team discover the same faults every time.
By John Leyden at The Register.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.