2005 CSI & FBI COMPUTER CRIME AND SECURITY SURVEY
2005CSI/FBI
COMPUTER CRIME
AND SECURITY SURVEY
The Computer Crime and Security Survey is conducted
by the Computer Security Institute (CSI) with
the participation of the San Francisco Federal Bureau
of Investigation’s (FBI) Computer Intrusion Squad.
The survey is now in its 10th year and is, we believe,
the longest-running continuous survey in the information
security field.
This year’s survey results are based on the responses
of 700 computer security practitioners in U.S. corporations,
government agencies, financial institutions,
medical institutions and universities.
The 2005 survey addresses the major issues considered
in earlier CSI/FBI surveys, thus allowing us to analyze
important computer security trends. The
long-term trends considered in the survey include:
❏ Unauthorized use of computer systems.
❏ The number of incidents from outside, as well as
inside, an organization.
❏ Types of attacks or misuse detected.
❏ Actions taken in response to computer intrusions.
This year’s survey also addresses several emerging security
issues that were first probed only with the 2004
CSI/FBI survey. In this regard, some perspective is
now gained on the below new issues that were introduced
in last year’s survey. All of the following issues
relate to the economic decisions organizations make
regarding computer security and the way they manage
the risk associated with security breaches:
❏ How organizations evaluate the performance of
their investments in computer security.
❏ The security training needs of organizations.
❏ The level of organizational spending on security
investments.
❏ The impact of outsourcing on computer security
activities.
❏ The role of the Sarbanes-Oxley Act of 2002 on security
activities.
❏ The use of security audits and external insurance.
❏ The portion of the IT (information technology)
budget organizations devote to computer security.
页:
[1]