Over the years the threat to your data and network has changed and evolved though it still might feel a bit like bailing out a leaking boat. The threat no longer comes through a single point like the rogue USB, but from multiple points of entry to the network, such as the Internet gateway, Virtual Private Network (VPN) links, remote access servers, email, wireless Local Area Network (LANs) and even handheld devices.
 
Three-quarters of security breaches come from inside the enterprise
It is important to remember that few assaults on your network security originate from socially dysfunctional teenagers at the other end of an overseas broadband connection. Most recent statistics indicate the majority of computer attacks are carried out by organised criminals, insiders, employees and associates of an organisation. According to the American Society for Information Security, almost three-quarters of current security breaches come from inside the enterprise, particularly from disaffected employees but a high proportion  are accidents and not malicious. That doesn’t prevent them being as costly as the malicious attack. Security policies around the management of passwords, particularly when employees are leaving can have a significant effect on reducing the risk to your business.

Security spending is a cost that’s notoriously difficult to justify in traditional cost/benefit terms: you spend a lot on security and in the best-case scenario nothing happens! But what are the costs of being reactive?