former Soviet country is spreading fast because it doesn't rely on
e-mail – it automatically exploits a vulnerability in Microsoft's
Internet Information Server. Now what? Do you cancel your evening plans
and stay late testing patches, or can you safely ignore this worm?
Network administrators face similar questions hundreds of times
each year. With your company's electronic treasures at stake, you need
a consistent paradigm to help evaluate whether each new threat deserves
a yawn, a fire drill or something in between.
What follows is a checklist of nine questions to help you weigh the significance of any new threat.