A lot has been written about the recent attacks on Google. So what does the Google experience teach us about the future?
During my conversation with Scott Crawford, research director of security and risk management at Enterprise Management Associates, he told me that the first thing we must look at is the nature of the attack itself.
"Evidence indicates that this is a skilled and dedicated attack," he told me. "This was someone with the ability to use the most appropriate tool to gain unsuspected access to a target. It's been suggested that the real object might have been intellectual property, as well as targeting Chinese dissidents."
The attack has raised awareness of the type of adversary that businesses may be up against, Crawford added.
"It has raised the bar in what businesses have to do to respond to that type of threat. They have to be much more strategic in how to defend the organization."
At the basic level, that means keeping software up to date (such as upgrading to IE 8) and systems patched. (For example, Microsoft released an emergency patch last week to fix the security hole in IE 6 in response to the Google attack.)
"We need to take the basics seriously," Crawford said. "On the one hand, there were very sophisticated aspects to this attack. On the other hand, there are still a huge number of simplistic passwords and old, vulnerable software."
Also, he concluded, for global businesses or those who are looking to expand into Asia, it is important to think about what this incident means for your business strategy in that region.
"You need to have a realistic understanding of the types of risks faced. You want to make sure you have a mature approach to security and preparedness."