US IT MANAGERS MUST ADDRESS COMPUTER SECURITY http://it.sys-con.com/read/183020.htm: "IT managers planning for possible security threats in 2006 might be tempted to look back at some of the big security debacles of 2005 for inspiration.
A major security breach at CardSystems exposed the personal data of more than 40 million credit card holders to possible fraud. Marriott tried to explain how it misplaced personal data for some of its 200,000 customers. Other major companies including Bank of America, Citigroup, and DSW Shoe Warehouse had similar woes.

In addition to these events, companies endured an increase in the sophistication of threats, including virus-infected e-mails, worms, spam, spyware, computer theft, and network intrusions. These computer-related crimes cost U.S. businesses an incredible $67.2 billion a year, according to FBI estimates. "

Not Just One ThreatIt would be easy for an organization to focus attention on any one security issue. However, the real threat for companies in 2006 won't be a single type of threat. Instead, it will be the explosive growth in the frequency and variety of attacks, and the amount of time, energy, and resources that will be required to defend against them.

It comes down to numbers. Consider the growth of the Internet in emerging markets like China, which in 2003 had roughly 50 million Internet users and today has more than 110 million users and growing. It's logical to predict that as the number of people using the Internet grows, so too will the number of criminals online and the opportunity for computer-related crime. Worse, since Internet growth is geometric, the increase in security threats is as well. It's a problem of Malthusian proportions.

The bottom line: one thing businesses can count on in 2006 is that there will be more computer-related security incidents - a lot more.

Impact of AttacksThe impact of just one attack on an organization with a global distributed network, whether it's a small, medium, or large enterprise, can grow exponentially with the size and scale of the operation, often with costly results.
A recent FBI survey found that almost a fifth of U.S. businesses reported 20 or more computer security attacks last year. Many more may go unreported for fear of lawsuits or being painted as a "target." Dealing with these crimes cost each company an average of $24,000.

The problem is that many companies have stitched together multiple solutions that are not necessarily designed to work together. This creates gaps in their security armor. In many cases, these gaps are often unknown or too expensive and complicated to address, leaving the company vulnerable to attacks and unable to respond when they occur.

Think back to last year's poster child for computer security breaches - CardSystems. It really doesn't matter what individual security products were in place. The proliferation of tools created gaps - kinks in the armor - and valuable data was stolen.

For organizations, the challenge becomes one of diminishing returns. A discussion I had recently with one of our customers illustrates the problem. Sure, he had a firewall and an anti-spam box, but linking them was beyond his capability. It was simply too complicated and costly in terms of manpower, software, and equipment.

CONTINUED AT WEBLINK..........