Saw this article online earlier. Apparently a Veterans Administration employee had been taking veterans’ personal information home and their house was burglarized. Nice work.
Managed to chew through most of this over the weekend and it is a great read. The focus of what we do at Denim Group is largely on threats to organizations via web applications, so a book like this and incidents like the most recent one with the VA help to put what we do into perspective. You can (and should!) defend against SQL injection vulnerabilities and other web application threats, but if your policies and procedures are such that employees are walking out the front door with sensitive information you are always going to be open to attack.
dan _at_ denimgroup.com