During the past several years, there has been a fundamental shift in technology spending habits. The majority of technology projects today involve using computer networks to increase revenue, reduce costs and improve operating efficiency. Initiatives, ranging from setting up a simple Web presence to deploying complex B2B e-commerce applications, all necessitate the opening up of previously internal IT systems to the public Internet. The Internet, combined with intranets for employees and extranets for customers and partners, effectively creates networks that extend beyond the enterprise. This fact creates significant new security concerns that highlight a need for expanded security applications.

A study conducted by the Computer Security Institute and the FBI found that 70 percent of the companies surveyed have suffered at least one serious cyber attack such as theft of proprietary information or a denial-of-service attack. The survey results show that 74 percent of companies reported a financial loss due to a security breach in 1999, which collectively was more than double the aggregate loss reported in the prior four years. High-profile security breaches regularly appear in the mainstream media, paralleled by frequent reports of high-profile software and hardware vulnerabilities. On July 16, 2001, in testimony before the U.S. Senate on the security of the Internet, Bruce Schnier of Counterpane said:

"I believe that the Internet will never be totally secure. In fact, I believe that the Internet will continue to get less and less secure as it gets more interesting, more useful, and more valuable. And the processes of detection and response, risk management and insurance, and forensics and prosecution will serve the Internet world just as they serve the real world."