A core dilemma for IT today is how to properly protect the organizations' information systems and assets given
security tools often seem like a black hole sucking down both time and money. But a strong defense doesn't have to be expensive, and a good place to start is assessing what information is publicly available and figuring out how to safeguard it from attack.
It's easy to get caught up in the hype around who might be attacking organizations and why, which leads to misconceptions about the requirements and costs associated with effective security. Companies need to approach security more fundamentally and strategically. They should also be looking at it from the attacker's viewpoint, trying to identify what there is to steal and how to go about it. Those answers should be the guide for an organization's defense system planning.
