Top security issues in protecting online services data

From Bates Wells Braithwaite Briefing:

The Information Commissioner’s Office has published a new security report highlighting eight of the most common IT security vulnerabilities that have resulted in organisations failing to keep people’s information secure. These are:
a failure to keep software security up to date; a lack of protection from SQL injection; the use of unnecessary services; poor decommissioning of old software and services; the insecure storage of passwords; failure to encrypt online communications; poorly designed networks processing data in inappropriate areas; and the continued use of default credentials including passwords.

See ICO news item, which includes a link to the report (pdf, 610KB).