Firms that rely extensively on the use of technology for financial and other kinds of reporting may be dependent on the open-IP network to do business with suppliers, customers and partners. This dependence leads to concern over network security, thanks to vulnerabilities made evident by attacks such as Slammer and SoBig.
Sarbanes-Oxley requires reports and assessments, but not a secure IT infrastructure. Clear definitions of "best practice" must be developed, especially in financial industries such as banking and insurance.
Read the entire Red Herring column here.