As we have seen in General Computer Security and elsewhere, IBM designed their computers with security in mind from the foundations, but to "save money", many of IBM competitors did not include it, so it became a poor add-on after it was too late to do a proper job. This in turn led to a need for better security, and an explosion of enterprises seeking to achieve this, largely on computer systems designed such that this became an impossible task.
SANS http://www.sans.org/ (System Administration, Networking, and Security Institute) was one of the first places to evaluate the state of art of computer security on a broad scale. It developed lists of things people need to do to improve overall computer security, aimed at different subgroups of computing using population.
Bookmark the SANS Security Reading Room http://www.sans.org/rr/
SANS is probably best known for their directory of the top vulnerabilities http://www.sans.org/top20/
sign up for SANS alerts bulletin and check out GIAC certification http://www.giac.org/
Internet Storm Center
while you are in the neighborhood, explore the Internet Storm Center http://isc.sans.org/
SANS founded the Internet Storm Center, which tracks computer crime across the globe using like a weather map that you see on TV weather, with various colors for how bad it is where, established standards so that people with firewalls could have their logs automatically go to data bases that track cyber criminal activity and dispatch cyber police to take action against the cyber criminals who are doing the most damage, thus helping gain the most bang for $ anti-crime budgets available.