Within businesses, security issues, and their consequences for the general public, saturate the news. With large organizations, even those with substantial budgets, well financed IT/IS departments and resources dedicated to system security, often do not do an appreciably better job than smaller enterprises with fewer resources and either no plan or a largely ineffective one.

Most recently eBay and Target are alarming examples, and although those garner the most attention, as destructive both financially and to public peace of mind, the area of greatest concern is largely overlooked. These are the entities Homeland Security defines as Critical Infrastructure, “the backbone of our nation’s economy, security and health.”

This paper will examine the threats to which these types of organizations are vulnerable, as well as the common mistakes being made that increase their susceptibility to the risks. Poorly planned and ineffectively implemented security measures may result in unintended consequences such as the loss of productivity and business confidentiality will also be examined. Finally, a template for developing an effective security plan will be included.

Download the paper here.