And of course, all of this is in addition to traditional threats such as corrupt employees or stolen equipment. Those threats haven’t gone away and aren't likely to.
Most criminals are simply after the information, and a few thousand bucks to get a CD delivered or a laptop lifted is small change by comparison to having to create stable malware that’s hard to detect.
While the threats have changed, the means of fighting them off really haven't. On the other hand, the importance of implementing good tools has grown substantially. Just as you can no longer afford to be without antivirus software, you can also no longer afford to be without a firewall. You must also have a way to monitor the activities of your employees and to control the information that leaves the company.
Depending on the type of business you're in, the requirements for battling the growing risks of today and tomorrow have become more immediate. For example, protecting customer information is more than just a good idea; today it's the law. If you fail to meet the requirements of the government regulations that affect your company, you can go to jail. You can also be sued for gazillions of dollars and you can lose your job. Foul up badly enough and your company can go under.
If you're a consumer that fails to take these threats as seriously as you should, you can face financial ruin. The twenty dollars or so that it costs to keep your antivirus package up to date seems like a small cost by comparison. Even smaller is the cost of the free software necessary to provide a personal firewall for your computer when it's attached to the Internet. Microsoft provides that with Windows, but you can also download a free personal firewall from Zone Labs (www.zonelabs.com).
In short, the threat level is growing and the consequences are getting worse. Balance that against the relatively inexpensive countermeasures and failure to meet those growing threats becomes difficult to justify. And if you're in business, it becomes irresponsible. How would you like to explain to your boss on your exit interview that you didn't take the precautions you knew would protect the company's assets when you could have done so?
As I left Kaspersky's offices to catch the bus, the chill I felt wasn't just from the Russian winter. It was from today's changing security landscape, and the fact that too many companies, and too many ignorant consumers, will continue to ignore security steps they must take, and in doing so, endanger the rest of us.