A recent survey found that more than 40 percent of organizations are unsure how often they are the target of advanced network attacks, and 50 percent take a month or more to detect these attacks. To beat those odds, Spain's national aeronautics institute (INTA) is taking a layered approach to security, reports InformationWeek's Mathew J. Schwartz.

The computing environment at INTA, with 1600 scientists working with top secret information, is not an easy one to secure. The institute uses overlapping technology and looks for ways to compare and contrast information, regularly testing security systems. Even though it had anti-virus engines deployed on all of its PCs and intrusion detection and prevention system for its networks, INTA found three botnet infections on PCs last September when started testing three kinds of firewalls.

INTA's experience shows that you can't assume you don't have security problems just because your security technology hasn't caught them. As Schwartz points out, we have a tendency to play down the likelihood of problems. "How can people combat this tendency?" he writes. "The answer, generally speaking, is to use more automated mechanisms that reduce the need for subjective interpretation. In security terms, it also includes layering defenses to help build a better, automated picture of what's actually happening on the network."

For more:
- see Mathew J. Schwartz' article at InformationWeek

Related Articles:
Privacy, security legislation coming in 2011 could affect enterprise IT
Survey: Most organizations don't delete data securely
Ponemon: Data breaches cost healthcare $6 billion a year