Isys20261 lecture 04



Slide 1: Computer Security Management (ISYS20261), Lecture 4 - Facts and figures
Module Leader: Dr Xiaoqi Ma, School of Science and Technology

Slide 2: Previously on the show ...
• Attacker: a malicious entity that tries to compromise the information security requirements (CIA: confidentiality, integrity, availability)
• Attackers differ in:
  – Motivation
  – Ability
  – Resources
  – Readiness to assume risk
• Types of attackers:
  – Opportunist
  – Emotional attacker
  – Cold intellectual attacker
  – Terrorist
  – Insider

Slide 3: Today
• CSI Computer Security Survey
• Overview
• Most common attacks
• Technologies used to combat attacks
• Actions taken
• Training issues
Slide 4: Computer Security Institute
• The Computer Security Institute (CSI) is a professional membership organization serving practitioners of information, network, and computer-enabled physical security, from the level of system administrator to the chief information security officer.
• It was founded in 1974.
• CSI is perhaps best known for the annual CSI/FBI Computer Crime and Security Survey, conducted by CSI in collaboration with the San Francisco Federal Bureau of Investigation Computer Intrusion Squad and researchers from the University of Maryland.

Slide 5: CSI Computer Security Survey
• Once a year CSI compiles statistics about computer crime and security.
• The survey has now been running for 15 years.
• CSI asks its community how they were affected by network and computer crime in the prior year and what steps they have taken to secure their organizations.
• In the 2010/2011 survey, 351 high-level security professionals responded.
• The survey contains a number of questions about the costs of computer crime and the budgeting and financial management of information security risk.

Slide 6: Respondents 2010/2011 (share of the 351 respondents by sector)
• 10.6% financial sector
• 21.5% consulting
• 10.9% information technology
• 7.4% US federal government
• 8.9% education
• 6.6% health services
• 3.2% local government
• 6.0% manufacturing
• 3.2% retail
• 21.8% others
Slide 7: Budgeting issues
(chart slide; figures not reproduced in this transcript)

Slide 8: Key findings (1)
• The most expensive computer security incidents were those involving financial fraud, with an average reported cost of close to $500,000.
• The second most expensive, on average, was dealing with "bot" computers within the organization's network, reported to cost an average of nearly $350,000.
• Virus incidents were the most frequent type of incident, occurring at almost half (49 percent) of the respondents' organizations.
• Insider abuse of networks was the second most frequent, at 44 percent, followed by theft of laptops and other mobile devices (42 percent).

Slide 9: Key findings (2)
• Almost one in ten organizations reported they had had a Domain Name System (DNS) incident.
• Twenty-seven percent of those responding to a question regarding targeted attacks said they had detected at least one such attack.
• The vast majority of respondents said their organizations either had (68 percent) or were developing (18 percent) a formal information security policy.
• Only 1 percent said they had no security policy.
Slide 10: Percentage of key types of incidents
(chart slide; figures not reproduced in this transcript)

Slide 11: Key incidents over the last six years
(chart slide; figures not reproduced in this transcript)

Slide 12: Technologies used for security
(chart slide; figures not reproduced in this transcript)

Slide 13: Techniques used to evaluate security
(chart slide; figures not reproduced in this transcript)

Slide 14: Awareness training metrics
(chart slide; figures not reproduced in this transcript)

Slide 15: Actions taken after an incident
(chart slide; figures not reproduced in this transcript)

Slide 16: Reasons for not reporting*
(chart slide; figures not reproduced in this transcript)
* Average response on a scale from 1 (no importance) to 7 (great importance)

Slide 17: Average loss per respondent
(chart slide; figures not reproduced in this transcript)

Slide 18: Summary
• The CSI survey is a good source of information.
• It can be used to identify trends.
• It is published annually.
• However, its findings are only as good as the responses from the community: the sample is self-selected CSI members, and respondents may under-report incidents (see the reasons for not reporting on slide 16).