In security response, practice makes perfect

02.10.2012
We've heard it many times in many forms -- expect to be breached, expect that you've been breached, expect that you are being breached.

The unfortunate reality is that most organizations don't even know that they've been compromised and therefore do nothing to stop the malware from spreading, control the damage, prevent loss of information, or even recover from the technical problems associated with the compromise.

, former executive assistant director (EAD) of the FBI and now president of CrowdStrike Services, told the 6,500-plus attendees of the recent that the FBI has knocked on the doors of numerous companies to let them know their data had been discovered on the Internet (usually discovered in unrelated investigations). "Months, or even years later -- with unfettered access, and unbeknownst to the people that own the networks -- organizations are being alerted to being compromised and their data being stolen," said Henry. This is both shocking and unacceptable.

When people think FBI they often think about national and nation-state adversaries. And there's no lack of speculation about these nation-states being the most threatening sources of these corporate attacks. This assessment doesn't come without cause. According to Henry, "dozens of our adversaries are extracting information from the U.S. every day, stealing corporate strategies, grabbing intellectual property, and looking for any competitive advantages they can find."

Henry also noted the threat implications where the U.S. critical infrastructure is concerned. "We're seeing an uptick in (ICS), the devices that control the nation's critical infrastructure," Henry said.