Security Survey

["Briney, Andy" <abriney () ICSA NET>]

New research confirms that corporations are spending more and more money on
securing their digital information, but cybersecurity breaches continue to
climb anyway.

According to a survey published this month in Information Security magazine
(http://www.infosecuritymag.com/2000survey.pdf), the number of companies
spending more than $1 million annually on computer security nearly doubled
in the past year, and is up by 188 percent over the last two years.
Nevertheless, security breaches originating from both inside and outside the
corporation continue to grow as the threat of outside hackers and
deviant/careless employees increases.

"The 2000 Information Security Industry Survey" appears in the September
2000 issue of Information Security, an independent magazine published by
ICSA.net, the Reston-Va.-based Internet security assurance company. The
survey was completed by 1,897 high-tech and infosecurity professionals.
Co-sponsored by ICSA and Global Integrity Corp., the study also reveals
statistics on the relationship between e-commerce and security risk,
security software and protocol use, and the effectiveness of information
security policies in mitigating threats and cyberattacks.

On the heels of this year's LOVEBUG and Life Stages viruses, the Information
Security survey confirms that viruses and malware attacks are on the rise.
Eight out of 10 companies were hit with a destructive virus this year.
Compared to 1999, nearly twice as many companies this year experienced
insider attacks related to the theft, sabotage or intentional destruction of
computing equipment. Meanwhile, the number of organizations in which
employees intentionally disclosed or destroyed proprietary corporate
information increased by 41 percent.

Companies conducting B2B or B2C e-commerce are at higher risk of attack,
according to the survey. E-commerce sites experienced more attacks in 15 out
of 16 categories measured in the study. For instance, companies conducting
e-commerce were twice as likely to have their Web servers attacked by
hackers.

The number one security project of survey respondents was protecting their
Web sites against such attacks, the study showed. One in four (25 percent)
said "security for Web and/or e-commerce operations" was their single most
important project, a statistic that reflects the growing role of computer
security in the new economy.

The study also shows that the best defense against security attacks and
incidents is a layered defense: the use of overlapping computer technologies
to detect and react to security breaches and incidents. Companies deploying
multiple computer security tools detect a far greater number of attacks than
those using fewer security controls.

For complete survey results, visit
http://www.infosecuritymag.com/2000survey.pdf

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".