[Moderator: I have a feeling that the stats have shifted because of the
media hype and subsequent awareness of Internet based attacks. That these
admins reporting to the CSI survey are now turning their eyes away from
internal threat. Of course, that means it is still there and remains
as big of a concern. It also shifts the percentages in surveys like this,
often times without reason.]
Forwarded From: darek milewski <darekm@cmeasures.com>
____Study: Security Threats From Outside On The Rise____
Businesses are now just as likely to get hit from the outside by a
security attack as from within their own firewall, according to the
results of the Computer Security Institute's annual "Computer Crime and
Security" survey. For the third year in a row, system penetration from
outside the company rose, with 57% of the 521 respondents reporting
assaults on their Internet connections. That number, driven by the growth
of Internet and extranet applications and the disappearance of an
enterprise border, is up from 37% the previous year.
"The old rule that we would see 80% of the penetration coming from the
inside, 20% from the outside, is outmoded," says Richard Power, editorial
director for the institute. "This isn't to say the threat from the inside
has diminished -- it hasn't. It is just showing that the threat from
outside is now co-equal to it."
The news from this study of security professionals wasn't all bad.
Firewall deployments, security technology implementations, and overall
awareness are growing. The overwhelming majority of the respondents hit by
an intrusion in the last 12 months filled in known holes to keep hackers
at bay. Unfortunately, the intrusions were probably expensive. Of the 31%
of survey respondents able to quantify financial losses due to a breech,
the average cost carried a tab of $1.8 million. -- Amy K. Larsen
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
Received on Thu Mar 11 17:32:02 1999