Medium sized organisations in EMEA are increasingly concerned about IT security threats, and the rising number of incidents shared publicly certainly justifies their worries. The first half of 2009, for example, saw almost as much new malware as it did in all of 2008. At the same time, most organisations have frozen or cut their IT security budgets.
This increase in threats, against a backdrop of reduced budgets, is a security paradox as it defies intuition. This paper will explain why this security paradox needs to be addressed sooner rather than later.