IT Security Becoming a Strategic Imperative

Share Article

Report Explores a Strategy to Protect Business and Government Computer Systems from Hackers, Virus Writers, Identity Thieves and Terrorists

CRA Reports has issued a white paper titled "Toward the Stategic Security Imperative" explaining a new approach to information technology security. With recent high profile breaches of corporate and government computer systems, concern for computer security is no longer limited to network engineers and geeks. Mainstream media have picked up the story, and revelations of major security lapses have attracted keen attention from state and federal governments. Corporations risk enormous damage to reputation and goodwill when they lose control of confidential, personal information. In the past, hackers were primarily motivated by bravado and ego. Today’s intruder has a more troubling motive: the desire to profit from mass identity theft.

According to the report, many executives still do not understand how to secure and protect mission critical information. The challenges organizations face in reducing their risk stem from a limited, tactical understanding of risk and vulnerability assessment, perimeter security, threat remediation, anti-spyware, patch management and other critical security activities. When organizations treat these activities as separate issues, they fail to understand their overall risk posture, inhibiting their ability to respond appropriately and cost-effectively to threats.

"One of the greatest threats to enterprises today is that many, too many, organizations still consider security the lock they put on the door after the house gets built," said Sean Moshir, CEO of PatchLink Corporation, sponsor of the report. The result is a tactical approach to security that is fragmented, manual or minimally automated, disjointed, and blind.

A tactical approach is also costly. According to recent research from Yankee Group, it can cost as much as $1 million to manually deploy a single patch in a 1,000-node network environment. The firm has documented an instance in which an organization spent $2 million to rush a patch in a telecommunications network that had 500,000 nodes. “What contributes to these costs? It is the manual labor, the fixing of problems, the downtime for businesses while the patches are being deployed,” explained Phebe Waterfield, Senior Analyst, Security Practice, Yankee Group.

The complete white paper is available to the public, free of charge, at ("get white paper").

About PatchLink Corporation

PatchLink™ Corporation ( is the established leader for enterprise-wide, security patch and vulnerability management including end-point and anti-spyware solutions. Recognized by Inc. 500 as one of the fastest-growing companies in the United States, PatchLink’s market-leading PATCHLINK UPDATE™ software currently operates in every branch of the federal government, including the Army, EPA, USDA and NASA; global companies, such as Thomson Financial, Virgin Airways and Boeing; and major regional companies, including BlueCross BlueShield; and several academic institutions. With a strong reputation for providing unparalleled network and security management software products and services, PatchLink has one of the largest installed subscriber bases for patch and vulnerability management software. For more information, please visit

About Cooper Research Associates

Founded in 1994, Cooper Research Associates (CRA) is an independent reporting agency with offices in San Francisco, CA and Washington, DC that analyzes user trends in business technology. CRA Reports explore the role that technology products and services play in the overall economy and/or in specific vertical industries. For more information, please visit To view a list of current white papers, please visit

# # #

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Lane Cooper