"Gartner states that the cost to fix a security vulnerability found
in production is 6.5 times higher than one found in QA. A single
security defect that may have cost only $150 if found in QA could
easily cost an organization $975 if found in production."   

Should the QA team perform the security testing , how much that would cost extra? to find out read more on  here