As we replacing our existing WEP infrastructure across multiple offices, we are weighing the value of upgrading to WPA versus WPA2 (both PSK). We have several different types of devices that do not support WPA2, so moving to that protocol has additional costs involved.
What I would like to know is what are the threats to WPA-PSK wireless networks? With that information, we will be able to balance the upgrade costs versus security threats.
WPA is "pretty secure", while WPA2 is "very secure". There are partial attacks against WPA in the wild already, and more complete attacks are expected to appear over time. WPA2 (using AES rather than TKIP) has no known vulnerabilities yet.
As you said, the decision as to which you choose is mostly up to the value of your data, but my personal suggestion is to migration to WPA2 now, rather than having to do it when a practical attack is discovered sometime in the next few years. Putting your wireless on a segregated subnet and treating it almost like "the internet" in terms of what access is allowed is also a good idea, given how easy it is to sniff.
Nice summary page: http://imps.mcmaster.ca/courses/SE-4C03-07/wiki/bournejc/wireless_security.html#2
EDIT: actually, the aircrack-ng team don't think WPA will be cracked anytime soon.
I guess I will update this question with some new information. A new attack can crack WPA with TKIP in a minute. An article regarding this is now on Network World.
It looks like the only secure option is to use WPA2 (WPA with AES).
Update: There is a new report of a vulnerability in WPA2 - http://www.airtightnetworks.com/WPA2-Hole196
To summarize, a computer authenticated to your WPA2 wireless network could be able to decrypt other authorized wireless connections.
While there are no known cryptographic attacks against AES,TKIP (which can be used with both WPA and WPA2) has been shown to be vulnerable to some classes of attack. By FAR the primary attack vector for both WPA and WPA2 is the pre-shared key. Attacking a WPA or WPA2 secured network with a weak pre-shared key (aka password) is a very simple matter with commonly available tools (which have a wikipedia page, so they can't be that bad ;) Use them only for good to test your own network...)
The tools that are publicly available can remotely de-authenticate an authorized user and then capture the authentication traffic (only 4 packets are required if I recall correctly), at which point the pre-shared key (aka password) can be brute-forced offline (again with commonly available tools, and massive rainbow tables are available to significantly speed up the process). Just as with most cryptographic systems, the password is the weak point. If you have super-fancy high-end Cisco wireless gear secured by WPA2 and use a password of mypass, you are ripe for compromise.
If you are looking to invest in something to secure your wireless network, choose AES over TKIP, and use a long password (pre-shared key) with high entropy (Upper, Lower, Number, Special Characters, etc). If you want to go buck-wild, setting up 802.1x/RADIUS will do much more than moving from WPA to WPA2 (although that would require a significant amount of time/knowledge to setup and administer).
