November 01, 2006 — CSO —
Crime-Stopper Punch List
Electronic crime
CSO's annual e-crime poll, conducted in conjunction with Carnegie Mellon University's CERT Coordination Center and the U.S. Secret Service, with underwriting by Microsoft, shows some signs of progress this year in the battle against electronic crime. A whopping 69 percent of respondents said they feel their organization is better prepared this year to prevent cybercrime than it was last year, for example. But electronic crime is clearly widespread; 36 percent of this year's respondents say they're still seeing an increase, about the same response as last year.
Sixty-three percent of respondents said operational losses (system downtime, lost productivity) are the most common consequence of e-crime, while 40 percent cited financial losses. Respondents also indicated that while they identify outsiders as the main perpetrators of electronic crime (accounting for 58 percent of the incidents), insiders are a significant risk (27 percent).
The survey also asked respondents about the effectiveness of various security technologies and techniques. The top-scoring answers (see the chart) include some of the usual suspects, such as stateful firewalls, but CISOs will want to look at whichever high-ranked pieces are not part of their current set of basic defenses. For full results of the survey and a related audio interview with officials from CERT, go to www.csoonline.com.
Technologies most commonly rated as "very effective" or "somewhat effective" in detecting and/or countering security events:
Stateful firewalls 87%
Electronic access control systems* 86%
Password complexity 80%
Network-based antivirus 74%
Encryption 74%
Application layer firewalls 73%
Heuristics-based spam filtering 71%
Badging 68%
Network-based policy enforcement 67%
SOURCE: The e-Crime study was conducted by CSO in conjunction with the CERT Coordination Center at Carnegie Mellon University and the U.S. Secret Service, with underwriting by Microsoft. Total response base was 434. Full results and methodology can be found at www.csoonline.com.



