Problem:
The original posting question: How should organizations respond to information system security threats?
The most vital step is for the organization to recognize that security threats are real - and initiate a defense. Policies and procedures must exist on how information systems will be managed, what protocol are utilized to monitor security violations, along with possible disciplinary and/or termination action if employees are involved in breaches.