Welcome to the launch of the ICSA Labs Blog.  We are excited about the opportunity to use our new blog as a forum for greater interaction with the security community at large, especially those with a vested interest in computing security.  

To kick off our first blog entry, we want to let you know about an ICSA Labs study that covers our 20-year history of information security testing and certification.  Detailed in this report are key findings that span two decades of data collection from testing thousands of security products.  These are typical technologies that are a main stay in any enterprise. 

One of the key findings from the report is that nearly 80 percent of security products fail to perform as intended when first tested, and generally require two or more cycles to achieve certification against the published standards.

The reader will find details about the issues products typically have, what those issues can be attributed to, and why in some cases these problems continue to persist.  

The moral of the story is for enterprise users to be diligent about their vendor and product procurement decisions not only when making the initial purchase but through the entire life of that product.  The study also reinforces the value of third party assurance from a credible organization.  We also learned from the report findings that when vendors participate in testing, their products end up improving in quality and reliability.

The complete “ICSA Labs Product Assurance Report” is available at www.icsalabs.com/whitepaper/report.

I trust you’ll find the study insightful and hope you see value in subscribing to the ICSA Labs Blog.  We look forward to your comments.