As this post by Michael Farnham at Computerworld highlights, many more companies are likely to be attacked in 2007 and too few are implementing robust procedures to counter this. As he says:
“It comes down to whether or not companies view the problem as enough of a risk to spend the capital. And many companies are still making the wrong decision.”
This is the beauty and purpose of information security toolkits, like our ISO 27001 Toolkit. Companies don’t have to spend a fortune on outside consultants or on every new security product that hits the market. If they implement their own ISMS in-house they can keep the cost of the process under control and only purchase the products that are right for them and for which they have a clearly demonstrable need.