Presentation is loading. Please wait.

Presentation is loading. Please wait.

Framework Chapter 1 Panko, Corporate Computer and Network Security Copyright 2002 Prentice-Hall.

Published byLee Eaton Modified over 8 years ago

Similar presentations

Presentation on theme: "Framework Chapter 1 Panko, Corporate Computer and Network Security Copyright 2002 Prentice-Hall."— Presentation transcript:

1

2 Framework Chapter 1 Panko, Corporate Computer and Network Security Copyright 2002 Prentice-Hall

3 2 Figure 1-1: CSI/FBI Computer Crime and Security Survey How Bad is the Threat? Survey conducted by the Computer Security Institute (http://www.gocsi.com).http://www.gocsi.com  Based on replies from 503 U.S. Computer Security Professionals.  If fewer than 20 firms reported quantified dollar losses, data for the threat are not shown.

4 3 Figure 1-1: CSI/FBI Computer Crime and Security Survey ThreatPercent Reporting an Incident 1997 Percent Reporting an Incident 2002 Average Annual Loss per Firm (x1000) 1997 Average Annual Loss per Firm (x1000) 2002 Viruses82%85%$76$283 Laptop Theft58%65%$38$89 Denial of Service 24%40%$77$297 System Penetration 20%40%$132$226 Unauthorized Access by Insiders 40%38%NA

5 4 Figure 1-1: CSI/FBI Computer Crime and Security Survey ThreatPercent Reporting an Incident 1997 Percent Reporting an Incident 2002 Average Annual Loss per Firm (x1000) 1997 Average Annual Loss per Firm (x1000) 2002 Theft of Intell. Prop. 20% $954$6,571 Fin. Fraud12% $958$4,632 Sabotage14%8%$164$541 Telecom Fraud 27%9%NA Telecom Eavesdrop. 11%6%NA Act. Wiretap3%1%NA

6 5 Figure 1-2: Other Empirical Attack Data Riptech  Analyzed 5.5 billion firewall log entries in 300 firms in five-month period  Detected 128,678 attacks—an annual rate of 1,000 per firm  Only 39% of attacks after viruses were removed were directed at individual firms

7 6 Figure 1-2: Other Empirical Attack Data Riptech  23% of all firms experienced a highly aggressive attack in a 6-month period  Only one percent of all attacks, highly aggressive attacks are 26 times more likely to do severe damage than even moderately sophisticated aggressive attacks

8 7 Figure 1-2: Other Empirical Attack Data SecurityFocus  Data from 10,000 firms in 2001  Attack Frequency 129 million network scanning probes (13,000 per firm) 29 million website attacks (3,000 per firm) 6 million denial-of-service attacks (600 per firm)

9 8 Figure 1-2: Other Empirical Attack Data SecurityFocus  Attack Targets 31 million Windows-specific attacks 22 million UNIX/LINUX attacks 7 million Cisco IOS attacks All operating systems are attacked!

10 9 Figure 1-2: Other Empirical Attack Data U.K. Department of Trade and Industry  Two-thirds of U.K. firms surveyed lost less than $15,000 from their worst incident  But 4% lost more than $725,000

11 10 Figure 1-2: Other Empirical Attack Data MessageLabs  One in every 200 to 400 e-mail messages is infected  Most e-mail users are sent infected e-mail several times each year  The percentage of e-mails that are infected is rising

12 11 Figure 1-2: Other Empirical Attack Data Honeynet project  Fake networks set up for adversaries to attack  To understand how adversaries attack  Windows 98 PC with open shares and no password compromised 5 times in 4 days  LINUX PCs took 3 days on average to compromise

Download ppt "Framework Chapter 1 Panko, Corporate Computer and Network Security Copyright 2002 Prentice-Hall."

Similar presentations

Symantec 2004 Pulse of IT Security in Canada Volume II Survey shows Increases in Concern and Spending for IT Security Andrew Bisson Director, Planning.

Symantec 2004 Pulse of IT Security in Canada Volume II Survey shows Increases in Concern and Spending for IT Security Andrew Bisson Director, Planning.
The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.

The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.
Rodney Buike IT Pro Advisor, Microsoft Canada

Rodney Buike IT Pro Advisor, Microsoft Canada
Attacks Framework Attacks Physical Access Attacks -- Wiretapping Server Hacking Vandalism Dialog Attacks -- Eavesdropping Impersonation Message Alteration.

Attacks Framework Attacks Physical Access Attacks -- Wiretapping Server Hacking Vandalism Dialog Attacks -- Eavesdropping Impersonation Message Alteration.
CSI 2005 Computer Crime Survey Put together by J. Scott, 2006 Using Graphics and Text from the Published CSI/FBI 2005 Crime Survey.

CSI 2005 Computer Crime Survey Put together by J. Scott, 2006 Using Graphics and Text from the Published CSI/FBI 2005 Crime Survey.
7 Effective Habits when using the Internet Philip O’Kane 1.

7 Effective Habits when using the Internet Philip O’Kane 1.
Security for Today’s Threat Landscape Kat Pelak 1.

Security for Today’s Threat Landscape Kat Pelak 1.
Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2011 CCH. All Rights Reserved. 4025 W. Peterson Ave. Chicago, IL 60646-6085.

Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2011 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL
2 3 4 5 6 www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/

7.1 Copyright © 2011 Pearson Education, Inc. 7 Chapter Securing Information Systems.

7.1 Copyright © 2011 Pearson Education, Inc. 7 Chapter Securing Information Systems.
CERT ® System and Network Security Practices Presented by Julia H. Allen at the NCISSE 2001: 5th National Colloquium for Information Systems Security Education,

CERT ® System and Network Security Practices Presented by Julia H. Allen at the NCISSE 2001: 5th National Colloquium for Information Systems Security Education,
Security Chapter 9 Copyright 2004 Prentice-Hall Panko’s Business Data Networks and Telecommunications, 5 th edition.

Security Chapter 9 Copyright 2004 Prentice-Hall Panko’s Business Data Networks and Telecommunications, 5 th edition.
COS 338 Day 16. DAY 16 Agenda Capstone Proposals Overdue 3 accepted, 3 in mediation Capstone progress reports still overdue I forgot to mark in calendar.

COS 338 Day 16. DAY 16 Agenda Capstone Proposals Overdue 3 accepted, 3 in mediation Capstone progress reports still overdue I forgot to mark in calendar.
A Look at the 2004 CSI/FBI Computer Crime and Security Survey Robert Richardson Editorial Director Computer Security Institute How to Use Statistics in.

A Look at the 2004 CSI/FBI Computer Crime and Security Survey Robert Richardson Editorial Director Computer Security Institute How to Use Statistics in.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
1 Understanding Botnet Phenomenon MITP 458 - Kevin Lynch, Will Fiedler, Navin Johri, Sam Annor, Alex Roussev.

1 Understanding Botnet Phenomenon MITP Kevin Lynch, Will Fiedler, Navin Johri, Sam Annor, Alex Roussev.
FIT3105 Security and Identity Management Lecture 1.

FIT3105 Security and Identity Management Lecture 1.
Global Information Security Issues According to the E&Y Global Survey, Managers Say the Right Thing… –90% of 1400 companies surveyed in 66 countries say.

Global Information Security Issues According to the E&Y Global Survey, Managers Say the Right Thing… –90% of 1400 companies surveyed in 66 countries say.

Similar presentations

Ads by Google