"Not following enterprise-level change control
standards is a big and costly problem for business. Jennifer Bayuk,
an independent security consultant and former CISO of Bear Stearns,
reckons that there is a "hidden cost for the enterprise" in using
open source because businesses will have to "test and patch for
security bugs they don't anticipate.""