If you think cyber security is the province of the IT professionals in your organisation and it is a matter best left to their management, this sobering report by McAfee on the extent of undetected intrusions should cause you to think again.
The blog posted by Vice President, Threat Research for McAfee, Dmitri Alperovitch, provides some interesting insights.
You can link to the blog from here and also download the PDF of the McAfee report:
Extract from blog: Tuesday, August 2, 2011 at 9:14pm by Dmitri Alperovitch
For the last few years, especially since the public revelation of Operation Aurora, the targeted successful intrusion into Google and two dozen other companies, I have often been asked by our worldwide customers if they should worry about such sophisticated penetrations themselves or if that is a concern only for government agencies, defense contractors, and perhaps Google. My answer in almost all cases has been unequivocal: absolutely.
Having investigated intrusions such as Operation Aurora and Night Dragon (systemic long-term compromise of Western oil and gas industry), as well as numerous others that have not been disclosed publicly, I am convinced that every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact. In fact, I divide the entire set of Fortune Global 2000 firms into two categories: those that know they’ve been compromised and those that don’t yet know.
Read the blog: http://blogs.mcafee.com/mcafee-labs/revealed-operation-shady-rat
Download the PDF version of Operation Shady RAT report – http://www.mcafee.com/us/resources/white-papers/wp-operation-shady-rat.pdf