The next security threat: Web applications
"Most of the successful attacks are application attacks because most of the important data is stored in those systems," said Alan Paller, director of research at the SANS Institute, in Bethesda, Md. "Applications never had a very big face to the outside world, and the OS had all of those ports you could try. So, it was just convenience that most of the attacks in the past were on the OS. If you want the customer log or the credit card data, you're going through the application."
The link for this article located at ZDNet is no longer available.