Saw this in the SC Information Security Newswire:
Organizations that do not include security as a criterion when building
or buying software will see system downtime caused by security
vulnerabilities treble from 5 per cent to 15 per cent of downtime in
2008, industry experts have warned.