I suggested in a recent post that hacking is probably more profitable than selling drugs.
Apparently it is true according to a white paper from MessageLabs.
I warned recently of the need for security in programming frameworks, suggesting that just because you are behind a firewall doesn't make you "safe" from all the world.
This whitepaper also hammers this point home talking about phishing attacks. If someone can weasel one piece of spam through and get one of your 800-20,000 employees to click on the wrong link...they may be able to open the floodgate to all your corporate data.
One recent article I read on top security practices suggests encrypting - everything. Hard drives, databases, etc. Plus you need a good key management system in case someone loses their password or means of encryption and needs to reverse it.
But the point here is - email is the doorway hackers are trying to crack. And just becuase you don't see it - think again. They are pretty sly. Virus programs embedded in malware so the more obvious hacks are wiped clean, monitoring logins so when you login they vamoose, using students at Universities, disguising themselves as harmless but annoying bots...
Here's the white paper regarding the latest email attacks and IT security:
http://reg.itworld.com/servlet/Frs.frs?Context=LOGENTRY&Source=eTEXT0104hm&Source_BC=7&Script=/LP/10011793/reg&code=MSGPSA0122