RSS Alerts

Related Links

  • 2009 CSI Survey
  • Elsevier Ltd is not responsible for the content of external websites.

Related Stories

  • Ponemon: Cost of breaches rising
    The Ponemon Institute has published its annual survey analyzing the cost of data breaches, and has found them rising. Its report, 2008 Annual Study: The Cost of a Data Breach, analyzed input from 43 US firms and found that the cost of the average breach was up 2.5% from last year. It had risen even more sharply since 2006, climbing 11%.
  • Data Breach Costs Rising
    The average cost of data breaches are rising, according to a report from the Ponemon Institute, which says that lost business is the biggest expense for companies that have their data pilfered.
  • IT lobbying groups merge
    Building a powerhouse cyber security public advocacy group, two leading technology lobbying groups, the Information technology Association of America (ITAA) and the Cyber Security Industry Alliance (CSIA), announced their intent to merge.
  • Nine Lives - Self-modifying Malware
    As the Conficker worm proved when it first appeared in October 2008, there’s more to a piece of malware code than meets the eye, especially when it is self-updating. But can self-updating also mean self-modifying? Steve Gold investigates whether an IT security manager’s nightmare has become a programming reality
  • New Data Integrity Attacks on the Block
    While the information security world has had its attention fixed on data loss prevention since the TJX breach in early 2007, it has failed to acknowledge the rising issue of data integrity attacks. Sarb Sembhi investigates a threat that he predicts will soon take the industry by storm.

News

Malware rebounds as cause of data loss

04 December 2009

Malware has rebounded to become the biggest cause of data loss in organizations, according to a report from the Computer Security Institute (CSI). Malware infections far exceed the next most common cause - laptop and mobile hardware theft - said the 2009 CSI Computer Crime and Security Survey.

The 2009 CSI Computer Crime and Security survey identified a number of shifts in significant cybersecurity threats this year. Malware infections jumped to 64% from 50%, reversing a dip in the number of companies experiencing malware infections that started in 2005. That year, the figure was 74%.

Other significant changes were an almost doubling in the percentage of companies that experienced password sniffing attacks, from 9% last year to 17% this year. And the percentage of respondents reporting financial fraud increased from 12% last year to one in five companies in 2009.

Companies were eager to buy technologies that would help them gain a better view of their security. "When asked what security solutions ranked highest on their wishlists, many respondents named tools that would improve their visibility - better log management, security information and event management, security data visualization, security dashboards and the like", said Sara Peters, senior editor at the CSI, and author of the report.

However, log management was among the technologies with which respondents were least satisfied.

But organizations still need to do a lot of work in terms of protecting their assets. Sadly, almost half of respondents had no formal data destruction policy in place. Around 10% had no policy at all, while nearly 20% had an informal policy in place.

There were some promising signs, however, that companies are making more of an effort to protect their data. The percentage of companies encrypting data at rest rose significantly to reach 62%. Other security technologies that increased in popularity included encryption of data in transit, and the use of network access control (NAC).

 

This article is featured in:
Data Loss Encryption Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water