I have 10 years experience writing software, the last 5 of which has been writing ASP applications. I started working for a small firm this spring and have become the defacto security expert. I guess I know more than the people I work with, but not much about computer security in particular, so I am sure this will be a very educational experience for me.