Breach Security also found that one in four companies seldom report on application layer hacking attempts " either successful or failed. In addition, 15 percent of respondents reported poor controls in place to detect non-PCI related information leakage, such as information about their infrastructure and applications, and 15 percent reported no controls in place. "Security continues to be a concern for corporate America, but a surprising number of companies haven't taken the steps necessary to properly protect against information leakage and web attacks, or to establish and maintain accurate reporting mechanisms," said Sanjay Mehta, senior vice president for Breach Security. "Poor global economic conditions have caused organizations to focus on the minimum investments required to appease auditors instead of implementing solutions to adequately protect customer and corporate data."
Nearly 60 percent of survey respondents reported that it takes their companies between one and four weeks to remediate a SQL injection, cross-site scripting attack or other critical web vulnerabilities. For more information about Breach's survey of Black Hat conference attendees, please visit Breach Security in booth #29 at the Black Hat USA 2009 conference at Caesar's Palace Las Vegas, Nevada or visit www.breach.com. About Breach Security Breach Security, Inc. is the leading provider of real-time, continuous web application integrity, security and compliance that protects sensitive web-based information. Breach Security's products protect web applications from hacking attacks and data leakage, and ensure applications operate as intended. The company's products are trusted by thousands of organizations around the world, including leaders in finance, healthcare, ecommerce, travel and government. For more information, please visit www.breach.com.