
Don't expect fewer hacker attacks

More security measures do not mean your company will experience fewer attacks. In fact, it is likely companies that implement more security measures also experience more denial-of-service attacks.
By Staff Writer, ITWeb
Johannesburg, 19 Jan 2006

More security measures do not necessarily mean that your company is more secure and will experience fewer attacks. In fact, according to an FBI report released last week, there is a "significantly positive correlation between the number of security measures employed and the number of denial-of-service attacks".

The report states: "It is likely that organisations that are attractive targets of attacks are also most likely to both experience attack attempts and to employ more aggressive computer security measures. Also, organisations employing more technology would likely be better able to be aware of computer security incidents aimed at their organisations."

Asked what kind of security technology they have invested in, 98% of respondents to the 2005 FBI Computer Crime Survey said anti-virus software. Firewalls were close behind, with more than 90% using either software or hardware firewalls.

Operating system safeguards - limits on which users could install software, password complexity requirements and periodic password changes, for example - were used by about half of respondents.

Virtual private networks proved to be a popular means of achieving security for 46% of respondents. Advanced techniques like biometrics (4%) and smartcards (7%) were implemented less frequently.

The vast majority of respondents (87%) said they experienced some type of computer security incident. The average organisation experienced several different types of incidents, including virus-borne attacks and port scans, the report said.

More than 79% said they had been affected by spyware and almost 84% were affected by a virus attack at least once in the last 12 months, despite the almost universal use of anti-virus software. Port scans were detected by 33% of respondents, though the report suggests a higher number of scans have gone undetected.

Respondents were also asked if they had experienced attacks at the hands of insiders. Of those who answered the question, 44% said they had experienced intrusions from within their organisation.

While the insider threat is real for all organisations, the report said that overall, more than twice as many incidents came from outside the organisation than from within, which "underlines the importance of intrusion prevention / detection systems as well as firewalls, logs, password complexity, and other technology and physical security measures."

Meanwhile, 25% of those experiencing unauthorised access believed they had been hit from both inside and outside their organisation.

Asked what they did after learning of a security incident, respondents' top two responses were to install security updates and to install additional computer security software.

The 2005 FBI Computer Crime Survey was taken by 2 066 organisations in Iowa, Nebraska, New York and Texas.
