Website Vulnerabilities: Evaluating Risk and Reaping Rewards

July 15, 2009

2 Min Read
Website Vulnerabilities: Evaluating Risk and Reaping Rewards

By Shannon McCarty-Caplan

Our research shows half of e-commerce websites have known vulnerabilities, putting a website owner’s business reputation, customer data and revenue at risk. And according to a security watch-dog site, only 5% of these vulnerabilities are fixed. Translation: This spells o-p-p-o-r-t-u-n-i-t-y for solution providers like you to sell vulnerability assessment solutions and add on remediation services to the deal.

Trend Micro research by TrendLabs states the vulnerabilities in half of these affected websites lead to phishing, spam, credit card theft and other malware. When the e-commerce website (or any website) experiences an attack, that erodes customer confidence in online purchasing, not to mention damages business reputation, can lead to revenue loss, downtime and costly repairs.

How can you be a security thought leader and help your customers evaluate their website security risks?

Evaluating Risk

First, take a look at how many contributors within an organization make changes or updates to website content.  Do they have a web master or web designer in-house? Does each department within the organization own a section of the website?  Especially look the marketing department. How many marketing folks have access rights to modify website content?  Are they using a third party agency to create or host event registration pages or payment portals?

Second, how often are these content contributors and website owners updating the website with new campaigns, product launches, special offers or educational materials?

Bottom line: the more people who have access rights to the website, and the more frequently website content changes, the more risk the organization can incur.

Web threats risks include:

•    SQL Injection Attacks
•    Cross-Site Scripting
•    Trojans
•    Targeted Attacks from Hackers

Reaping Rewards

Start evaluating website security solutions.  E-commerce sites will need a solution with a security certificate or trustmark verifying the legitimacy of their website safety.  Solution Providers will benefit from a product with comprehensive reporting that ranks critical vulnerabilities and provides a remediation plan to help with services follow up.

By showcasing your website security expertise to your customers, you’re adding value as a security thought leader, and keeping your customer’s business reputation, data and revenue safe – all while building a recurring revenue stream for yourself.  It’s a win-win for both you and your customers.

Shannon McCarty-Caplan is a Trend Micro Global Product Marketing Manager responsible for Trend Micro SecureSite. Guest blog entries such as this one are contributed on a monthly basis as part of The VAR Guy’s 2009 sponsorship program.

Read more about:

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like