In my experience large companies often do not install security solutions until they have somehow been breached. Often there is a disconnect between the IT department and the administration. The IT Director or CIO will push for security because he realizes the threat, but the administration is looking at the budget and chooses to install only the bare minimum. Once these large corporations get hacked, there is never again a problem with them spending money on network security.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/305/30842#30842