The comprehensive findings of a year-long survey of security program managers from enterprising companies are now available from the Computer Security Institute (CSI). In its 15th year, this far-reaching study is the only independent report to provide unbiased information and analysis about targeted attacks, unauthorized access, incident response, and the economic decisions organizations make regarding computer security, and the way they manage the risk associated with security breaches.
Key findings from the 2010/2011 CSI Computer Crime and Security Survey include:
— Almost half of the respondents experienced a security incident, with 45.6% of them reporting they had been subject of at least one targeted attack.
— Malware infection continues to be the most commonly seen attack.
— Fewer financial frauds were reported than in previous years, with only 8.7% saying they had seen this type of incident.
— Tools that improve visibility into networks, Web applications, and endpoints were ranked among the highest on information security and information technology manager’s wish lists, including better log management, security information and event management, security data visualization, and security dashboards.