Eighteen months ago, my company, a large financial services organization, suffered a number of attacks that were stopped mostly by luck. With the awareness of security raised, management hired me as information security manager to secure their infrastructure and operations.