Will your network pass a security audit?
It is a well-known fact that in the Internet-connected world
network perimeter vulnerabilities do exist that allow
unauthorized individuals access to networks and provide the
ability to disrupt business continuance. Well-prepared companies
do know about many of these vulnerabilities and they correct
them whenever appropriate. However, there are a large number of
new, as well as older vulnerabilities that the average company
is just not aware of. If these vulnerabilities are known,
companies usually, and I emphasize usually, allocate resources
to them. Unfortunately, too many companies either do not have
the resources to track such security-related matters or do not
have the trained internal personnel to allocate towards
identifying and remediating the vulnerabilities. Obviously
knowing about or being able to detect the vulnerabilities is
half the battle, but not acting on the known issues for any
reason is almost a guarantee to lose the battle.
An alarming fact is that many companies do not prioritize
information security because it does not generate revenue for
the company. However, as we have seen in the headlines and trade
journals, the lack of a proper security program can and does
affect the bottom line. Some organizations are now investing
larger budget dollars and resources into information security,
and they