We began this series of articles with the observation that recent advances in the area of network technology and the success of the Internet have resulted in a new business model. This new model has resulted in a number of new challenges in the area of information security which, although largely understood, are only partially resolved. As a result, information security-related risk has been growing rapidly in the last few years and companies will need to take a more proactive stance to managing this risk in order to continue to enjoy the benefits that technological advances have made possible.