As hackers and cyber-thieves become increasingly sophisticated, I often wonder why some organizations still think it's a good idea to bypass expert help and develop their own (vulnerable) systems.

The grapevine is crawling with stories of blind-optimism and prize-winning worst-practice. Even allowing for the inevitable urban myths, there are clearly instances where well-meaning people - by trying to do the right thing - put their own (and their customers') information and assets at serious risk.

The link for this article located at www.rsasecurity.com is no longer available.