Throwing money at information security has never been a particularly effective way of preventing or solving IT problems. Indeed, the Department of Energy (DOE) is finding that throwing $2.7 billion (the amount estimated for fiscal year 2004) at its computer security issues may not do the job. The agency's inspector general, Gregory H. Friedman, noted in a recent evaluation of systems that while DOE "continues to improve its unclassified cyber security program," there are still many problems that "could expose critical systems to compromise." Read the inspector general's full report.doe_techtalk1204.pdf