An organization's website in many ways is similar to a cover of the book or a DVD to entice a potential customer to take a closer look at your offerings. For most organizations, the website also serves a possible gateway into its organizational infrastructure, and a source from which external threats can exploit to gain access to intellectual information and data assets with ultimate intent to profit from those exploits.
How often have you consider the following:
1. Is my web web server correctly configured and my staff is aware and engage about securing my web site?
2. Do I know the vulnerabilities of my web sit and the effort behind their exploits?
3. What are my known and unknown risks?
4. Do I have a web security strategy?
5. Should I conduct a web security audit?
If you answer NO to any of these questions then your organization's web site is at risk and you must consider a security audit to start.