Dangerously vulnerable: 3 quick (and scary) anecdotes Posted on September 29, 2011 by Tim Burke How secure are the data, applications, systems, and networks your business depends on? If you’re like too many of the executives I talk to, you may believe all is well — but only because you haven’t asked the right questions. One executive told me recently, “We’re cool; we haven’t had to touch our firewalls in three years.” Another ticked off all the security products his IT guys have installed — but, it turns out, without ever changing the manufacturers’ default passwords. And then there’s the fellow who informed me that he doesn’t worry about information security because his company isn’t well-known enough to attract hackers. All three of these businesses are dangerously vulnerable to security breaches that could cost them plenty. Some of the reasons are obvious. Firewalls you don’t bother to update or monitor can’t protect you against new types of threats. Passwords that everyone already knows (like manufacturers’ default ‘password’) are pointless. Today’s automated bots indiscriminately scan every IP address they can find for opportunities to steal data and plant malware that will infect your computers and pass on the infection to any other systems they interact with. Yet it’s what these three anecdotes have in common that’s really scary: The folks in charge haven’t achieved an understanding of what’s really necessary to protect the value of their businesses.