Late last year, technology research company Gartner dropped a bombshell in its annual Top 10 predictions: by the end of 2007, it said, fully 75 percent of enterprises would be infected with undetected, financially motivated and carefully targeted malware that had evaded their traditional information security systems.

The response from business was underwhelming, to say the least. In the 2007 Gartner CIO survey, information security dropped from its ranking as the number one priority in 2005 and number two in 2006 to number six in terms of planned investment in technology.