a worst-case scenario, of course, but other companies such as Eli Lilly, Victoria's Secret, and Go Daddy have all taken financial hits as a result of getting hacked. Victoria's Secret's Web site was shut down during the Christmas shopping season--and the company was fined $50,000 by the federal government--after hackers found an easy way to review customers' order information.
The Preventative Argument
All the information and arguments presented in this article should provide a good start to your efforts in justifying security testing in QA. It is cheaper to find vulnerabilities in QA than in production, and the cost of being hacked is almost immeasurable. Nobody wants to have a Web site shut down or customers' personal information revealed by a hacker. With these risks in mind, addressing security in QA makes perfect financial and business sense.