In an unbounded world where network perimeters are obsolete, and where the distinction between insiders and outsiders is diffused, traditional security tools fall short. In this world, IPS is the new crown jewel of enterprise security!

Today, bounded environments ensconced within clearly demarcated perimeters are giving way to a milieu where gateways are obsolete. In this environment, the distinction between insiders and outsiders is blurred, and organisations neither have central administrative control over their information systems nor do they have access to global view of events occurring therein.

Wireless connectivity is set to become the biggest thing in computing since the Internet. With ongoing WLAN security initiatives this may well become true, painlessly, and sooner than predicted.

People are the weakest link in the information security chain. Social engineering is a hacking technique that relies on weaknesses in human nature, rather than weaknesses in hardware, software, or network design.

Enterprise security architectures flow from security policies, which are based on estimated risk to the enterprise. Security models provide a quantitative technique of encapsulating the policies into executable architectures.

Enterprise Information Infrastructures have become critical 'centres of gravity'. Implementing robust information security controls in the enterprise is no longer a matter of choice.

Does the open nature of Open Source actually make it more vulnerable to attack? Or, does the fact that code can be reviewed and bug fixes be submitted make Open Source superior to proprietary software?

Information technology is strategic to enterprise growth. Today, information assets have to be protected with the same level of commitment and vigilance that the management devotes to financial supervision and overall enterprise governance.

Business continuity and disaster recovery planning are now accepted as basic requirements for every business organisation. It is widely accepted that a detailed Disaster Recovery Plan should not only exist, but should be up to date. It should reflect the actual on-going needs of the business activity or function.

The role of information security has changed across the past few years. Traditional definition of protecting networks and the Datacenter has undergone a shift in focus resulting in enablement of businesses with security solutions actually moving your business forward or even to the next step.

Even as countries and organisations are gearing to defend themselves from cyber criminals and terror mongers, newer methods of destruction are being devised by potential attackers. The Internet, which started as an information dissemination medium, has now become the ground-zero on which tech savvy terrorists and criminals are 'settling scores'.

Distributed Denial-of-Service attacks are getting more and more sophisticated, pre-meditated and well coordinated. The attacks are more often than not focused on the core Internet infrastructure rather than isolated victims.

'Electronic scavenging' for retrieval of sensitive data is a reality in corporate espionage today. 'Degaussing' completely and irretrievably erases the information stored on the magnetic surface.

According to the CSI/FBI Survey 2002, over 94% of large corporations have had sizeable downtime and financial losses due to malicious code attacks. As per the CII-PwC Survey 2002, 75% corporates in India have had serious incidences of malicious code attacks "forcing them to shut down external connections to the Internet, resulting in large losses due to downtime and lost business opportunities".

It is good to have a snare and a trigger, but without the trap it makes no sense. Incident detection is important; but incident response is more critical. You realise you are being hacked. What do you do? Press the panic button?