Only in the computer security world would I get taken to task for saying the defenses you apply should be directly related to the threats you face.

That’s exactly what happened after I posted “The No. 1 problem with computer security” last week.
Several readers wrote to tell me how stupid I was for not including their pet threat defense project. Others wrote to say I did not sufficiently appreciate the threat of pass-the-hash attacks.
Still others maintained I shouldn’t be proclaiming anything when many companies don’t have firewalls or up-to-date antivirus software, and so on.To read this article in full or to leave a comment, please click here