Explore top 10 tips to secure your open-source projects now. Read More
×
The vulnerability HSBC has is apparently extremely difficult to actually take advantage of, a factor HSBC took into account when they decided to live with it because other concerns were more pressing. As security professionals, we should understand this balancing act, even if we don't always agree with the decisions that are reached. The cost to fix the issue was considered to by management to exceed the probability of an exploit multiplied by the possible cost of paying for any such breaches. Pretty standard business reasoning.