General and @Eirronbc
"Additional training to specific staff groups
Command and control arrangements
Administration and documentation within the control room
Categorized identification of Trust priority areas
Register of staff skills that can aid Trust response "
WTF? Surely you fire the people in charge of managing the AV and patching (unless management told them too do it!) and put safe guards in place to prevent it from happening again...?
I know from the fact that you call Ubuntu "uninfectable" that you cannot possibly work in any sort of senior or responsible IT security position, but I'll try to explain anyway:
Not the people, but managing 1000's of machines on a daily basis. Last time I tried Ubuntu I discovered that there were more updates pending than on my Vista boxes...!!!
Ubuntu is expensive. Look into training, testing, support, management etc.
All ports are closed by default. On Vista no malware can gain admin rights either. Updates happen in the background. You rarely need to reboot a Windows server or XP/Vista desktop.
Listen penguin fans - Linux rocks. It's a great platform and I actually enjoy playing with it more than my Windows boxes. However the reason the vast majority of enterprises run Windows as their core platform is simple.... it's easy to manage and there's a shit load of support and applications for it.
It's that simple.
Since XP SP2 it hasn't been insecure out of the box. It automatically updates, it has a firewall and you shouldn't need any vists to the desktop for support. Yeah, it costs. But it's also easy to work with and the admins are cheap. Management is a piece of cake and you KNOW there's an application - with support 24/7 - for nearly any application you need.
Now please CBNorrie@hotmail.com (using a MS account?! [gasps]), get a grip a try to live a little in the grown up business world for a few minutes.