Net Persist Solutions Group: Business Problems We Solve

The rate of discovery of new software vulnerabilities and exploits continues to be high

So far in 2011, the number of cyber break-ins and identified network/application vulnerabilities has continued its inexorable rise. The U.S. Department of Homeland Security Cyber Security Division documented over 2000 new software vulnerabilities between January and July 2011, with 93% being considered high-medium risk.

Furthermore, according to the latest 2011 Data Breach Investigations Report from Verizon, attackers are refining the way they hack into enterprises, shifting to smaller targets with fewer security defenses.

Legal liability for security breaches is now a reality

Organizations that fail to show due diligence when it comes to protecting their data assets face a real risk of legal problems, fines, or loss of customer confidence. The renewed caution comes in the wake of an escalating number of highly publicized security breaches that involved unauthorized access to confidential personal information.

New security legislation and e-commerce security standards are also driving increased demand for security services, as businesses are forced to strengthen their security posture to avoid potential legal exposure or fines. Examples of such legislation and security standards include:

	Payment Card Industry Data Security Standard (PCI-DSS), a wordwide information security standard created to help organizations prevent credit card fraud through increased controls around data and its exposure to compromise.
	Personal Information Protection and Electronic Documents Act - PIPEDA (Canada), which gives Canadians a degree of privacy protection and control over the personal information about them that is collected, used and traded in the private sector.
	Personal Information Protection Act - PIPA (British Columbia) which governs the collection, use, disclosure and protection of personal information by organizations in British Columbia which are not covered by federal PIPEDA legislation no matter what size or type.
	Healthcare Insurance Portability and Accountability Act (HIPAA) (United States), which requires (1) the standardization of electronic patient health, administrative and financial data, (2) establishment of unique health identifiers for individuals, employers, health plans and health care providers, and (3) security standards protecting the confidentiality and integrity of "individually identifiable health information," past, present or future.