The discussion notes that attacks on information systems can include the destruction, damage, or contamination of data; denial or delaying of use or access; the production of false data; the modification, replacement, or reordering of data; the misrepresentation of data; the misuse of data; disclosure of confidential information; theft; and endangerment by exposure to one of these threats. Sources of threats include hackers, economic espionage, mercenaries, and bounty hunters. Countermeasures should include risk analysis, policies and procedures, security awareness, understanding of the risks and sources of risks, testing of security strategies, and use of appropriate security technologies. Figures, tables, lists of security tips for corporate networks and for small businesses, lists of resources, and 10 suggested readings