The typical computer network isn’t like a house with windows, doors and locks. It’s more like a gauze tent encircled by a band of drunk teenagers with lit matches” – Robert David Steele, former CIA analyst and CEO of Open Source System It must have taken vast amounts of self-discipline to avoid radiating smugness: When American Water was infected by the Sasser worm last year its exposure was limited to just 19 hosts out of a potential 10,000, thanks to early detection and active intervention. During the same period, a sister company suffered 4000 infected machines – virtually its entire infrastructure. “The remediation alone, much less the business interruption quantification, was in excess of a half a million [US] dollars value to us,” says American Water director, security, Bruce Larson.