This week Roberto Casula, principal software consultant at Applinet plc, urges the security industry to exercise caution in the way they relay security threats to the public.
The boom in the security industry over the past 12 to 18 months and the resultant column inches explaining the whys and wherefores of platform and application security issues have created a wide range of sometimes opposing views.
For every attempt to push the business benefit of a given technology there is a security expert tinkering away behind the scenes, attempting to fathom out what and where its vulnerabilities are.
This activity forms an essential part of the testing of a company's security systems and should not be overlooked at any cost.
But I would urge the security industry to take care over the way in which some of these security threats are relayed to the public.
There can be no doubt that the average network is potentially a very vulnerable place. Spam, unpatched vulnerabilities allowing successful mechanical and targeted attacks, and viruses must prey on the mind of almost every network manager and administrator.
But confusion reigns over exactly what constitutes a threat.
I recently read an article quoting a number of sources discussing the security weaknesses of converged networks, focusing on how would-be hackers could access an internet protocol (IP) telephony system and bring it down.
I was immediately struck by the way in which the article apparently overlooked the broader implications of using convergence technologies.
While it is important to consider targeted attacks against IP telephony systems under certain circumstances, solutions can be put in place relatively easily to isolate the IP telephony system from the internet and PCs on the corporate network and prevent such attacks.
By concentrating on the perceived problem of the security of the IP telephony system itself, it is too easy to forget about the much more common threat to all applications delivered over the data network.
A more significant threat to the availability of the IP telephony system and every other application running on the data network is the possibility of undermining the network infrastructure itself.
Too often, companies spend time and money securing specific servers and applications against targeted attacks without properly considering the infrastructure that allows these applications to be delivered.
As the recent Blaster and Nachi worms demonstrated, today's high-performance PCs and the increasing take-up of gigabit Ethernet mean that enormous volumes of network traffic can be generated by the simplest malicious code.
These large traffic volumes can very easily cripple a network and cause network devices not designed to handle this volume of traffic to fail. It is worth bearing in mind that this effect is an inadvertent consequence of these worms, rather than their intent.
Many networks were brought down by the recent worms not through the front door of the corporate firewall but via the back door of the remote worker.
Remote workers connecting to the internet from home became infected due to the lack of a firewall, out-of-date antivirus software and unpatched and unmanaged software. When they returned to the office or connected to the local area network (Lan) over a virtual private network, the problems began.
Any unpatched machines on the Lan could be infected. Often these are critical servers that have not been patched because of the downtime required.
More important, the large volumes of network traffic generated by the worms would very quickly overwhelm network devices, producing an unanticipated but effective denial-of-service attack.
As businesses rely more and more on the IT infrastructure in order to function - IP telephony being just one example of this - more emphasis needs to be given to the challenges of securing remote workers, patch management, network-level authentication and the security of the network switches and routers themselves.
Microsoft receives a 30 per cent cut of all purchases on the Xbox digital store
Credit card thieves used Apple ID accounts to buy and sell virtual currency for Clash of Clans and Clash Royale and Marvel Contest of Champions
$5.1bn fine further evidence that the EU is anti-US, claims Trump
New cable will connect Virginia to France