Re:screw it, here is the summary (Score 4, Insightful)

"Malicious code, such as viruses, worms and Trojans, remains the number one most concern of most IT security professionals"

I'm an IT security professional, and this really scares me. There are gaping holes in most organisations internal security that far outweigh the threats from external sources. Examples include

• Paranoid mobile-office/home access to the corporate network with virus scanners and what-have-you, while username/password for the mainframe travels in the clear on the corporate LAN.
• Application (especially web) security with more holes than swiss cheese.
• Internal users who have full access to everything, and not even decent routines for potentially devastating tasks. Last summer here in Norway most banks stood still because a techie formatted the wrong SAN box in a vital datacentre!

We're very(?) good at protecting from untrusted users & systems, but not against trusted users & systems. Learning the difference between trusted and trustworthy is extremely educating ( ref )!