Scope of the Challenge

The "2007 CSI/FBI Computer Crime and Security Survey" is a fascinating document that provides insight into trends in network attacks from 2004 to 2007. A copy of this document can be downloaded from http://i.cmpnet.com/v2.gocsi.com/pdf/CSISurvey2007.pdf.

As an example of the information contained in this document, Figure 1-1 shows the average number of security incidents reported by 208 respondents for the years 2004 to 2007. Notice that the percentage of respondents reporting more than 10 incidents in a year dramatically increased in 2007.

Figure 1-1 Incidents in the Past 12 Months (Source: "2007 CSI/FBI Computer Crime and Security Survey")

50 45 40

o 30

Figure 1-1 Incidents in the Past 12 Months (Source: "2007 CSI/FBI Computer Crime and Security Survey")

50 45 40

o 30

en 35

6 to 10 More than 10 Unknown

Number of Incidents

6 to 10 More than 10 Unknown

Number of Incidents

2004

The following is a further sampling of information contained in the survey:

■ The average financial loss from computer crime/security incidents increased from $168,000 in 2006 to $350,424 in 2007.

■ Of the survey respondents who reported one or more attacks, 18 percent of those attacks were "targeted" attacks (that is, an attack not targeting the general population).

■ Before the 2007 report, viruses were the leading contributor to financial losses for seven years in a row. However, in the 2007 report, viruses fell to the second leading cause of financial losses, with financial fraud rising to the number one factor.

0 0

Post a comment