For many organizations their dependence on information systems, both within the company and networked up and down their supply chain, is now business critical. Any sustained loss of availability of these systems would threaten the very existence of the business. Security is a holistic issue. Vulnerabilities in physical, personnel and electronic security all need to be addressed with equal commitment. Too many businesses still focus on physical security without sustaining even basic precautions in personnel and electronic security