It is widely understood that common sense isn’t common. It’s more frustrating when the approaches used by some associations to prevent cyber attacks from enterprise assets lack the use of common sense. This article documents studies on the frequencies where large associations that are many scan their networks to spot vulnerabilities and increase their security posture. While zero-day strikes (malware introduced to the cyberspace for which countermeasures have not been developed) constitute about 13 percent of all the vulnerabilities (Ponemon Institute, 2014); the remaining 87% are well understood and countermeasures exist for preventing them. The article also explains some of the complacencies of several organizations in fighting cyber threats and provides some tips for protecting the information and communication systems which support government and private associations from cyber attacks. Continue reading →