Freely subscribe to our NEWSLETTER

According to the data security specialist, although there is clearly a balance that needs to be struck in all organisations in terms of security expenditure and its return on investment, the high profile status of the Department of Homeland Security means that the Web site should not be vulnerable to hacker defacements.

"Although it’s fair to say that no IT resource can ever be 100 per cent protected against all types of attacks, the fact that this hack - and the other two state sites that were also defaced - apparently stems from a misconfigured script or server settings sending out all the wrong messages to businesses and hackers alike," said Amichai Shulman, Imperva’s chief technology officer.

"As if this wasn’t bad enough, the statements by officials also seem to be at odds with each other. On the one hand we have a state spokesperson saying no real damage was done, and on the other we have another set of people trying to justify the need for another layer of government employees when the existing staff resources could do the IT defence job just as well - or not, as in this case," he added.

Shulman went on to say that the best security can always prevent hackers, but the big question is how much security an organisation is willing to invest in.

This is generally answered, he explained, by balancing the pros and the cons of investing in one or more elements of IT security - and in the case of the Department of Homeland Security, the pros very clearly outweigh the cons.

It’s important to realise, the Imperva CTO went on to say, that hackers never introduce the vulnerabilities themselves - they just exploit them.

“People need to realise that whatever you do, wherever you are everyone is a target. Only by investing in the best software can you prevent hackers from destroying your business” adds Shulman.