Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43425
  • Total Topics: 16522
  • Online today: 2714
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 1
Guests: 2695
Total: 2696









Author Topic: Insiders cause more computer security problems than viruses  (Read 2969 times)

0 Members and 1 Guest are viewing this topic.

Amker

  • SCF Global Moderator
  • *****
  • Posts: 1076
  • KARMA: 22
  • Gender: Male
    • SCforum.info
Insiders cause more computer security problems than viruses
« on: 17. September 2007., 16:24:25 »
The Computer Security Institute has just released the 2007 edition (PDF) of its long-running "Computer Crime and Security Survey," and it offers some dreary news for overworked computer security admins: average losses from attacks have surged this year. More surprising is the finding that the single biggest security threat faced by corporate networks doesn't come from virus writers any more; instead, it comes from company insiders.

CSI has been running this survey for over a decade and has seen average losses from security breaches drop every year from 2002 to 2006. Investments in security seemed to be paying off; in 2006, the average breach cost companies an estimated $168,000, way down from five years earlier. But in 2007, the numbers skyrocketed. Each breach this year costs an estimated $350,454 to repair.

Financial fraud and viruses caused most of the monetary losses, but both have fallen in frequency over the last few years. Only 12 percent of all respondents reported financial fraud at their institutions. Viruses, which used to plague 90 percent of all companies in 2001, now affect only 52 percent.

It's internal users who are now causing the greatest number of problems, though they may also cause minimal damage. Hiding porn on an office PC, using unlicensed software, and abusing e-mail all count as security incidents, though all pale in comparison to one successful phishing trip. These sorts of internal incidents can be pesky, though, and 59 percent of all respondents had to deal with them in the last year.

The CSI study has a major weakness: it's an "informal" study distributed to CSI members and conference-goers. The estimates of money lost to damages are, in one author's own words, "estimates." "Some of them," in fact, "are  probably altogether approximate guesses."

Still, the study has been sampling this group of computer security people for a decade, so the report's conclusions seem to accurately track their perceptions of security; whether they represent reality is another question. But as the report notes correctly that "when a group of professionals reports a significant reversal in a five-year trend of diminishing losses, we should be inclined to perk up our ears."
By Nate Anderson   
Ars technica
# Online Anti-Malware Scanners: http://scforum.info/index.php/topic,734.0.html

Samker's Computer Forum - SCforum.info

Insiders cause more computer security problems than viruses
« on: 17. September 2007., 16:24:25 »

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023