CTI has been brought in to audit security of Government Agencies computers, to find that yes they had bought security software and in some cases hardware, in one case two years before the audit and it still had not been implemented, the internal Government requirements made implementation too costly, and required so much training it would have operationally shut down the Agency for a month. By the time of the audit, most of the items bought where out of data, and could not meet the new threats being faced. Private sector companies face this issue as well, both are met with conflicting regulations and requirements that keep them just standing still. But fear not the security solutions had been bought. Where is your firm in this continuum?
from CTI Consulting http://ift.tt/1NcJAhh