Aa a security manager, I expect my company to be hit by malware infestations, data theft, denial-of-service attacks and attempts at unauthorized access. I deal with them all as they arise, and they do keep things interesting. But some incidents get attention not just from me, but also from management. Those tend to be incidents that result in the direct loss of either money or extremely sensitive data. Naturally, those are the types of incidents that I most want to prevent, interesting or not. And things quickly go from interesting to frustrating when you get hit with the same type of security event resulting in dollar loss several times in one year.
展开▼