CSI Computer Crime and Security Survey 2010/2011

The Computer Security Institute (CSI) completes regular surveys that identify many of the trends related to IT security. The 2010/2011 report includes responses from 5,412 security practitioners.

Some of the notable findings in this report were:

•  Malware infections are the most commonly seen attack. Over 67 percent of respondents reported malware infections. This is an increase of 3 percent from the previous year. The lowest was 50 percent in 2007.

•  About 29 percent said zombies within their network. A zombie is a computer joined to a botnet. This is an increase of 5 percent from the previous year.

•  Most respondents attribute losses to outsiders. Almost 60 percent indicated they did not believe any of their losses were due to malicious insiders.

•  Only about 25 percent reported insider abuse of network access or e-mail usage. This is a significant reduction from a high of 59 percent in 2007.

•  Of respondents indicating incidents, 45.6 percent reported they were the subject of at least one targeted attack. The trend is more attacks from advanced persistent threats (APTs).

•  Losses due to financial fraud declined from almost 19 percent to about 8 percent during the period.

•  Respondents indicated that regulatory compliance efforts had a positive effect on their security programs.

•  Nearly half of the organizations reported they were using cloud computing, but only 10 percent indicated they were using cloud-specific security tools.

(Gibson 35)

Gibson, Darril. Managing Risk in Information Systems, 2nd Edition. Jones & Bartlett Learning, 07/2014. VitalBook file.

The citation provided is a guideline. Please check each quote for accuracy before use.