A core dilemma for IT today is how to properly protect the organizations' information systems and assets given security tools often seem like a black hole sucking down both time and money. But a strong defense doesn't have to be expensive, and a good place to start is assessing what information is publicly available and figuring out how to safeguard it from attack. It's easy to get caught up in the hype around who might be attacking organizations and why, which leads to misconceptions about the requirements and costs associated with effective security.
What good to an organization is any security program -- expensive or not -- if the organization doesn't even know what it needs to protect or how vulnerable to attack they are to begin with?
Read the full article at Network World (IDG) (US) to read about 5 tips captured during the 2012 ISSA Los Angeles Information Security Summit to see how open source information can prove to be critical in any organization's information security program.