Corporate IT Departments Faulted for Threat Priorities

Corporate information technology departments are prioritizing the wrong threats to their computer systems, focusing on old problems and leaving their companies open to a raft of new cyberattacks targeting sensitive customer and corporate information. That is the finding of a new biannual report from the SANS Institute, a training organization for computer security professionals, whose senior staff weighed two sets of data that have not been rigorously compared to date: data on the most common attacks hitting corporate networks and data on which vulnerabilities are most prevalent on company networks.