Network Security: Proactive or Reactive?

Network security in many cases is handled reactively. In fact, from day one companies were not prepared to have to defend their networks- not from hackers, viruses or any other threats. So, when attacks began to occur and malware outbreaks brought the network to its knees the response was, by default, reactive and it fell onto people, typically the network administrator, who did not necessarily know anything about security or how to protect the network. Over time more and more companies have separated network security from network administration. This article from ComputerWorld by Edward Smith expresses the opinion that security is becoming more integrated with business goals and processes and less a reaction after the fact. I don't know if many companies are there yet, and network security budgets and support would seem to suggest we have a long way to go, but the more companies look on network security as a necessary piece of the budget and understand that it is cheaper and easier in most cases to handle it proactively rather than reactively the better off everyone will be. The Changing Face of Information Security