WIRED Mag has a great article by Kim Zetter. It boils down to the fact that high-level hackers are able to get and stay in your network. And even if you are able to kick them out, they unleash a spear-phishing campaign on your users, and they are back in. Here is a bit of a shocker: "According to Richard Bejtlich, chief security officer for computer security firm Mandiant, which has helped Google and many other companies conduct forensics and clean up their networks after an attack, the average cyberespionage attack goes on for 416 days, well over a year, before a company discovers its been hacked. Thats actually an improvement over a few years ago, he says, when it was normal to find attackers had been in a network two or three years before being discovered." The solution? Analyze and segment your network and keep the truly confidential data completely off any segment with public access. Expensive, but effective. Here is the (warmly recommended) article: