When hackers take advantage of a software flaw in a federal financial system to steal credit card numbers, procurement officers and program developers are both to blame for the intrusion, some information security specialists say.
Vulnerabilities stem from the inadequate training of software engineers, as well as inadequate requirements from acquisition officers. In the old days, when software operated in an isolated system, developers thought threats would be limited to that computer's physical area. In today's networked world, however, software is operating in environments that the developer may not have had in mind when building a program.
-Aliya Sternstein, NextGov.com