With the vast majority of security spending focused on the smallest part of the problem, IT managers need to look more closely at a variety of common network security mistakes - from misconfigured servers, routers, firewalls or other devices, to the existence of rogue segments and improper application usage - before making further investments.