Most cybercrimes are committed against the United States and countries such as Great Britain and Australia and some other European countries. Some smaller countries or countries that haven't quite caught up with the computer age don't have laws on the books to charge someone caught hacking into computers in their country. The problem with the internet, is that someone can sit in a small country that just barely has computer capabilities and hack into a computer system in another country such as the United States and even if we were to track the hacker down and pinpoint exactly where they are, if that country doesn't have laws in line with us or extradition programs, then it is all but impossible to prosecute the criminal. Analysis Section of Security Management

I learned that security management is an on-going problem with companies and governments. There are constantly new viruses and worms and other things to steal data from computers or to shut down computers and data. One of the things I learned about this subject is the different degree programs that are springing up across the country to get people ready to work in this field. One of the main degree programs is CISSP -- Certified Information System Security Professional which takes 5 years of experience, practice in two of ten domains they list and passing a 250 question test. Of course there are other degree programs at different universities and technical schools, but it does seem that this is the job of the future.

The short article Industry needs less ethical computer hacking, more risk management strategies by Jay G. Heiser retrieved from http://searchsecurity.techtarget.com/Industry-needs-less-ethical-computer-hacking-more-risk-management-strategies discusses the fact that too many companies are taking the wrong approach to internet security by hiring people to "put out fires" rather than make their program or company invulnerable to attack. Had a good suggestion, pay their security people a bonus for a year with no security problems or breaches rather than paying them extra for fixing the breach after the fact.

The short article Automated attack toolkits single biggest...

They are: directory traversal, cross-site scripting, SQL injection and remote file inclusion. The report gave the opinion that companies need to focus their security on the areas that are being targeted the most. There are tool-kits that are being offered to people to allow them to get information from websites and the hackers can make some money with very little output.
The article Quantifying the Benefits of Investing in Information Security written by Lara Khansa and Divakaran Liginlal discusses finding the best information security firm to do business with. The authors report that even small breaches in information security can cause stock prices to go down and affect the overall value of a company. This is just one reason to get a good information security firm. A good firm will change things periodically because the people who are wanting to hack into your company are not sitting back on their laurels and thinking that the old technology will continue to work forever. Therefore your company, and by company, we mean the information security company you utilize should be constantly changing things up, so that the people who want to hack into your company will be thwarted.

References

KHANSA, L., & LIGINLAL, D. (2009). Quantifying the Benefits of Investing in Information Security.

Communications of the ACM, 52(11), 113-117. Retrieved from EBSCOhost July 26, 2011.

Heiser, J.G. (May 2004). Industry needs less ethical computer hacking, more risk management strategies. Retrieved from http://searchsecurity.techtarget.com/Industry-needs-less-ethical-computer-hacking-more-risk-management-strategies

O'Roarke, H. (July 26, 2011). Automated attack toolkits single biggest threat to Web apps, report finds.

Retrieved from http://searchsecurity.techtarget.com/news//2240038876/Automated-attack-toolkits-single-biggest-threat-to-Web-apps-report-finds