Isys20261 lecture 04
Computer Security Management (ISYS20261) - Lecture 4: Facts and figures
Module Leader: Dr Xiaoqi Ma
School of Science and Technology
Computer Security Management - Page 2
Previously on the show …
• Attacker: malicious entity that tries to compromise information security requirements (CIA)
• Attackers differ in:
– Motivation
– Ability
– Resources
– Readiness to assume risk
• Types of attackers:
– Opportunist
– Emotional attacker
– Cold intellectual attacker
– Terrorist
– Insider
Today:
• CSI Computer Security Survey
• Overview
• Most common attacks
• Technologies used to combat attacks
• Actions taken
• Training issues
Computer Security Institute
• The Computer Security Institute (CSI) is a professional membership organization serving practitioners of information, network, and computer-enabled physical security, from the level of system administrator to the chief information security officer.
• It was founded in 1974.
• CSI is perhaps best known for the annual CSI/FBI Computer Crime and Security Survey, conducted by CSI with the collaboration of the San Francisco Federal Bureau of Investigation's Computer Intrusion Squad and researchers from the University of Maryland.
CSI Computer Security Survey
• Once a year CSI compiles statistics about computer crime and security
• The survey has now run for 15 years
• CSI asks its community how they were affected by network and computer crime in the prior year and what steps they have taken to secure their organizations
• In the 2010/2011 survey, 351 high-level security professionals responded
• The survey contains a number of questions about the costs of computer crime and the budgeting and financial management of information security risk
Respondents 2010/2011
• 10.6% financial sector
• 21.5% consulting
• 10.9% information technology
• 7.4% federal government of US
• 8.9% education
• 6.6% health services
• 3.2% local government
• 6.0% manufacturing
• 3.2% retail
• 21.8% others
Budgeting issues
Key findings (1)
• The most expensive computer security incidents were those involving financial fraud, with an average reported cost of close to $500,000
• The second most expensive, on average, was dealing with "bot" computers within the organization's network, reported to cost an average of nearly $350,000
• Virus incidents were the most frequent, occurring at almost half (49 percent) of the respondents' organizations
• Insider abuse of networks was the second most frequent, at 44 percent, followed by theft of laptops and other mobile devices (42 percent)
Key findings (2)
• Almost one in ten organizations reported that they had had a Domain Name System (DNS) incident
• Twenty-seven percent of those responding to a question regarding "targeted attacks" said they had detected at least one such attack
• The vast majority of respondents said their organizations either had (68 percent) or were developing (18 percent) a formal information security policy
• Only 1 percent said they had no security policy at all
Percentage of key types of incidents
Key incidents over the last six years
Technologies used for security
Techniques used to evaluate security
Awareness training metrics
Actions taken after an incident
Reasons for not reporting*
*Average response on a scale from 1 (no importance) to 7 (great importance)
Average loss per respondent
Summary
• The CSI survey is a good source of information on computer crime and security practice
• It can be used to identify trends over time
• It is published annually
• However, its findings are only as good as the responses from the community: they are self-reported by a sample of security professionals, not measured independently