Information security is a reactive world. The next intrusion, vulnerability or worm is always right around the corner. With critical issues arising everywhere, the typical IT staff or security organization spends most of its time reacting to outside forces and not nearly enough time getting ahead of the curve.