Security is a management problem with a technology solution. It isn’t a check-list of do’s and don’ts - it’s a discipline covering the business’ IT infrastructure. When it comes to security, a multi-layered approach works best. For instance, worms are designed to bypass firewalls. Potential damage can be prevented by the integrated use of a firewall and an intrusion detection system. With a multi-layered approach, even if an intruder is able to bypass one access point, overlapping layers of security ensure that the break-in will be stopped by another mechanism.

I believe preventing and combating the array of network security threats requires a variety of security solutions and best practices, including firewalls, anti-virus protection, virtual private networks (VPNs), content filtering, reporting, vulnerability assessments, intrusion detection and software maintenance, that together provide a secure perimeter for the company network. 

During an economic downturn can corporate security be allowed to be shuffled down the list of priorities? How do you balance the threat against the cost?