Defense against cybercrime is costly and often discourages corporations from investing enough to adequately counter the threat.
Despite warnings that such inaction, lethargy or cost-cutting is counterproductive, businesses in a time of global downturn find they have to make hard choices between what is desirable and what is attainable within narrow budgets.
Still, cyberthreats are becoming more pronounced and diverse and harder to fight.
Analysts say cybercrime incidence is widespread and not all threats can be put at the door of foreign and international suspects, as recent public rhetoric has indicated. China is cited most frequently as the source of hacking attacks.
This month, ACSC said a Chinese hacking group accused of Chinese army links seemed to be going after industrial control systems.
The group was caught in December infiltrating a decoy water control system for a U.S. municipality.
The malware used and other characteristics of the attack were unique to a group that's said to operate as part of China's army, U.S. cybersecurity experts said.
"Because many of the cyberattacks that happen in corporations today involve people wielding valid digital credentials, all the firewalls or virus and intrusion detection systems in the world can't prevent a breach," Courion said.
"To spot anomalies and reduce risk, organizations need ways to continuously monitor employees' and other approved users' access to company resources."
Courion Corp., which specializes in intelligent identity and access management, said it will collaborate with ACSC to address sophisticated cybersecurity challenges.
ACSC is a non-profit corporation started by Mass Insight Global Partnerships, which brings industry, university and government organizations together to address sophisticated cybersecurity challenges.
Courion said it is helping more than 500 organizations manage their critical IT assets.
Chris Sullivan, a CourionLabs vice president, said the company continuously scrutinizes "who has access to what resources across the entire enterprise and how access patterns are shaping up at any time.
"Analyzing petabytes of data related to identities, rights, resources, policies and activities, we identify risks, anomalies, potential breaches and actual breaches, often catching what slipped through a company's other defenses."
The petabyte is a multiple of a byte for digital information, or the fifth power of 1000. One petabyte equals 1 quadrillion -- 1,000,000,000,000,000 -- bytes.
Courion said it will donate software and professional services to ACSC to help manage risk for ACSC members throughout New England.
Based at The MITRE Corp. campus in Bedford, Mass., ACSC uses New England's university, industrial and research resources to develop next-generation solutions and strategies for protecting public and private IT infrastructure.