IT systems are nowadays part of our daily lives and part of many common devices. They perform various sophisticated, and sometimes safety-critical tasks. Security has a direct impact on safety. Lack of security can cause loss of reputation, loss of revenue, and even liability claims.
Many security holes are caused by design or implementation faults. Often developers are not aware of the whole bandwidth of possible attacks on their system. An analysis and evaluation of the system's security aspects is often never done. In addition, security rivals with other goals as costs, duration of the development process, and functionality.
A security evaluation is a crucial part of a high-quality system development. With a security evaluation during the development process, threats can be detected and corrected early. But also after the end of a project, a security evaluation can be useful to know existing threats and potential vulnerabilities of your system, e.g., to avoid them in future systems.