Corporate information technology departments are prioritizing the wrong threats to their computer systems, according to a new report from the SANS Institute. The report is based on data on the most common attacks hitting corporate networks and data on which vulnerabilities are most prevalent on company networks. The findings are based on two sets of data that have not been rigorously compared to date. The SANS report is published by The New York Times, a training organization for computer security professionals, whose senior staff weighed the data.
Source: https://threatpost.com/security-pros-are-focused-wrong-threats-091509/72288/