One of my clients was recently hit (again) by the Conficker worm. The company's systems were all fully patched, yet the malware still managed to infiltrate hundreds of machines. It was evident that worm was able to spread rapidly via a network share vector. But the real question remains: How did the worm infiltrate the network in the first place, given that all the systems were patched?

This scenario perfectly illustrates the importance of root-cause analysis -- that is, determining how your company can be most successfully attacked by malware and malicious hackers. While there's no single, general recipe for achieving this goal -- that requires full security review of your particular environment -- you need to perform a dollar-wise risk assessment, starting with a root-cause analysis.

Original Article