CSI Computer Crime and Security Survey 2010/2011


The Computer Security Institute (CSI) completes regular surveys that identify many of the trends related to IT security. The 2010/2011 report includes responses from 5,412 security practitioners.
Some of the notable findings in this report were:
  Malware infections are the most commonly seen attack. Over 67 percent of respondents reported malware infections. This is an increase of 3 percent from the previous year. The lowest was 50 percent in 2007.
  About 29 percent said zombies within their network. A zombie is a computer joined to a botnet. This is an increase of 5 percent from the previous year.
  Most respondents attribute losses to outsiders. Almost 60 percent indicated they did not believe any of their losses were due to malicious insiders.
  Only about 25 percent reported insider abuse of network access or e-mail usage. This is a significant reduction from a high of 59 percent in 2007.
  Of respondents indicating incidents, 45.6 percent reported they were the subject of at least one targeted attack. The trend is more attacks from advanced persistent threats (APTs).
  Losses due to financial fraud declined from almost 19 percent to about 8 percent during the period.
  Respondents indicated that regulatory compliance efforts had a positive effect on their security programs.
  Nearly half of the organizations reported they were using cloud computing, but only 10 percent indicated they were using cloud-specific security tools.
(Gibson 35)
Gibson, Darril. Managing Risk in Information Systems, 2nd Edition. Jones & Bartlett Learning, 07/2014. VitalBook file.
The citation provided is a guideline. Please check each quote for accuracy before use.