This post on my blog QA2100.com is in reference to a great post highlighted by Jaden Turner’s share on 2015 Hospital Hacks, posted into our group on LinkedIn: QA2100 Testing Strategy: Financial Services.
Every week we are hearing about another leak, hack or break-in, and millions of credit card holders are exposed, at risk, or invaded. Who are these hackers? Why are they hacking? Money. Greed. Something for nothing. Retribution. All of which is vicious, criminal and destructive to infrastructure, commerce, and consumer confidence.
Security – is this an oxymoron? We hear it, and are taught to believe it, so we trust that others are responsible about implementing it. Real security means real testing dollars are spent beyond the boundaries of a new project launch… Usually only the minimal security testing is considered, if at all. If it is, it is usually not part of projects; rather, it is part of the ‘network’ group or ‘infrastructure’ group.
So, this is not about the kind of job our network guys are up to, but rather the kind of budget that gets allocated to supporting enough security measures, plus the budget to ensure it is being implemented and maintained at a deep enough or broad enough level. This means maintenance, and keeping up with the latest shenanigans by our nefarious ‘hackers’.
I have the same issues with performance testing and automation for regression.
So I could go on, but these areas are allowed to get weak due to higher-priority profit-making budgets, and on and on until an emergency effort to shore up security is done again. Security = Insurance. If you don’t spend the money on the protection, it won’t be there when you need it.
This is the tip of the iceberg, and we need to be vigilant and attentive to the looming prospects of risk.