Bangalore:What is the definition for risk?  If a competitor or adversary can take advantage of a glitch or bug you have by breaking the barriers in protecting your asset, then it’s a risk.

Eric W. Cowperthwaite, chief information security officer for Providence Health & Services said that most of the companies just focus on two parts of risk: assets and vulnerabilities. But they are simply internal to the networks.

Nowadays companies are keen on giving more importance to the need of security and they are advising their security professionals to make a note on their adversaries and the possible threats they are to face, which lead in companies making a description of the threats, says Cowperthwaite.

Below are the four steps that the companies should be taking to know the possible threats to their business.

1. Watch for the attackers:

The key in separating the attacks from the crowd is always good mechanisation. To provide help we have a number of tools that range from security information tools to event management products.

"There are the actual pings you are getting every day, which can now, for an average target, be in the millions every day," says Tom Patterson, lead partner for the security consulting group at Computer Sciences Corp. "There is no way to look at that. You cannot capture it in a log and read it out and find some patterns there."