Iball, you have made some good points, but in what manner is this rhetoric necessary to your argument?

Hedge, thanks for initiating this discussion. It's a tough one certainly, but even the *difficult* posts are worth reading!

My 2cents: Security comes down to trusting people, and some businesses can 'afford' to do it, others simply can't. I work at a University where there are so many people, layers and devices that no 'security system' is sufficient for the whole. Breaches occur not just because people are malicious (which they can be) but because they are careless, lazy or both (which they are more likely to be