Describe three factors that can delay or undermine an organization's ability to make its systems safe from attack and subsequent loss.

What will be an ideal response?

There are many factors that can delay or undermine an organization's ability to make its systems safe from attack and subsequent loss:
·      Even though popular information security technologies such as scanning tools allow security administrators to evaluate the readiness of their systems, they may still fail to detect or correct a known deficiency, or they may perform the vulnerability detection process too infrequently.
·      When a vulnerability is detected in a timely manner, it cannot always be corrected quickly. Because corrective measures usually require that the administrator install patches and upgrades, addressing the vulnerabilities is subject to fluctuations in the administrator's workload.
·      To further complicate the matter, sometimes services known to be vulnerable cannot be disabled or otherwise protected because they are essential to ongoing operations.