Professional Documents
Culture Documents
April2012
OrganizationsExperiencingIncreaseinNumberof SecurityEvents
NumberofSecurityEventsDuringthePast12Monthsvs. thePrior12Months AverageNumberof Events <1,000=22 1,000+=300
2012
31%
10%
41%
18%
2011
28%
12%
39%
21%
Increased
Decreased
Nochange
Notsure
Q:Pleaseestimatethetotalnumberofcybersecurityeventsexperiencedbyyourorganizationduringthelast12months. Q:Whencomparedwiththeprior12months,cybersecurityeventsinyourorganizationshave: 2
Source:2012 CyberSecurityWatchSurvey, CSO magazine,U.S.SecretService, SoftwareEngineering InstituteCERTProgramat CarnegieMellonUniversity andDeloitte, April 2012
ConcernAboutCyberCrimesIncreasing
2012 2011
Levelofconcern hasnotchanged
32%
Moreconcerned
66%
Levelofconcern hasnotchanged
40%
Moreconcerned
56%
Less concerned
2%
Less concerned
5%
Q: Areyoumoreconcernedorlessconcernedaboutcybersecuritythreatsposedtoyourorganizationthisyearthanthoseyouencountered theyearbefore? 3
Source:2012 CyberSecurityWatchSurvey, CSO magazine,U.S.SecretService, SoftwareEngineering InstituteCERTProgramat CarnegieMellonUniversity andDeloitte, April 2012
FinancialImpactofCyberSecurityEventsontheRise
23%
2012 23%
7%
7%
47%
47%
23%
23%
$374k
average monetary lossduetoCyber Crimeattacksin thepast12 months,upfrom $123k in2011.
16%
2011 16%
10%
10%
43%
43%
31%
31%
NotSure
16%
2010 16%
7%
10%
35%
35%
42%
42%
Increased
Decreased
Nochange
Notsure
MajorityhaveEvaluationProcessforThirdPartyPartners
Notsure/ Dontknow
14%
28%
Yes,wehave aprocess inplace
29%
57%
36%
2011
29%
20%
48%
Yes
Notsure/ Dontknow
41%
Yes
32%
No
30%
No
Q: Doyouhaveamethodologythathelpsyoudeterminetheeffectivenessofyourorganizationssecurityprogramsbasedonclearmeasures? 6
Source:2012 CyberSecurityWatchSurvey, CSO magazine,U.S.SecretService, SoftwareEngineering InstituteCERTProgramat CarnegieMellonUniversity andDeloitte, April 2012
InsiderCyberCrimeCharacteristics
ViolationofITsecuritypolicies 50%
Managerconcernaboutbehavior/performance
19%
Formalreprimands/disciplinaryaction
14%
Poorperformancereviews
14%
Disruptiveworkplacebehavior
9%
Demotion
4%
Violencetowardscoworkers
2%
Q: Oftheinsiderswhocommittedcybercrimesagainstyourorganizationinthepast12months,pleaseindicatethepercentage(average) whodisplayedthesecharacteristics: 7
Source:2012 CyberSecurityWatchSurvey, CSO magazine,U.S.SecretService, SoftwareEngineering InstituteCERTProgramat CarnegieMellonUniversity andDeloitte, April 2012
ToLearnMore