The IT security tasks usually get higher priorities as security gets higher attention for reasons like managers attention, new security issues (attacks, data stealing, Etc).
Most IT security professionals have a continues plan to continuously improve the data security within the company, organization. The successful IT professionals not only having the plans but also following the plans and makes the necessary updates accordingly. One of the rules of the thumb is to keep the IT security as high as possible even during the public holidays and other occasions when the monitoring and security attentions are weak. According to the Internet security company McAffe the recent cyber attacks in China did also happen during December 15-2009 and January 4-2010. Of course the recent cyber attacks could happen due to some technical security holes in some browsing product(s) but it seems that one of the reasons that cyber attackers were more “successful” was due to the fact that the attacks could continue in almost 2-3 weeks during a period of time that the IT security within companies had less IT security focus and consequently weak.
I do remember a blog post from Elisabeth Stjernstoft on December 28, 2009
Glöm inte it-säkerheten i juletid (do not forget the IT- security during the Christmas!)
Thanks a lot Elisabeth Stjernstoft!