  |
 |
|
Research and retrieval of news articles by: SPECIAL NOTE TO ALL VISITORS: | ||
 |
|
PROFILING CORPORATE INTERNET SECURITY VICTIMSSource: Internet WorldPosted on February 14, 2002 The threat your company faces from online aggressors is rising and is correlated to your size, visibility, and industry. That's the message of the new Internet Security Threat Report from Riptech, an Alexandria-Va.-based security-services company. It provides some interesting data that could come in handy for when you need to make the case for either more security spending or for new security procedures in your organization. Riptech looked at data on 128,678 cyber attacks from the last six months of 2001, culled from its clients' experiences, which included 5.5 billion firewall logs and IDS alerts. Among its findings: the average number of attacks per company increased 79 percent between July and December; less than 1 percent of those attacks were what Riptech calls "a severe and immediate threat" to the companies involved, but the increasing total means that that becomes 1 percent of a larger number; Nimda and Code Red accounted for a whopping 63 percent of all attacks; and more than 43 percent of the companies suffered at least one attack that "would have resulted in a successful breach had intervention not occurred." Certain findings in the survey were in contrast to popular perception, at least among those companies participating in the survey. When asked about security, many people might assume that e-commerce businesses are most at risk, thanks to all of the negative publicity they receive when they have an attack. But of the 11 categories in the report, e-commerce is third from last. In first place for suffering the most attacks is the high-technology industry, followed closely by financial services, power and energy, and media/entertainment. In addition, the larger the company, the more likely it is a target. That shouldn't come as a surprise. Riptech says the companies with more than 500 employees were hit with at least 50 percent more attacks per company than those with fewer than 500 employees. It found a slight increase as well for companies with more than 1,000 employees compared to those with fewer than 1,000. And public companies were twice as likely to suffer attacks than private and nonprofit companies. So what, you say? What good does it do you to know that you're a target because of the industry you're in? After all, you can't very well say that a highly vulnerable company can protect itself by simply switching industries, firing most of its employees to downsize, and buying back all of its stock. Life isn't that easy. "It's important for the IT professional or the security officer that his industry is, say, two times more likely to suffer attacks than others," says Tim Belcher, CTO of Riptech. "That speaks to their investment in security policy," giving that executive some statistical evidence to back up any plans he makes for greater spending. Belcher also suggests that reports like this can be used to assess a company's actual experience against some fairly specific industry benchmarks. (The report can be requested from Riptech's Web site at www.riptech.com.) It is still a sample only of Riptech's customers, but many enterprises will see themselves represented in the report's samplings. The report is therefore a welcome contribution to the field.
E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes. |
|
ALERT  WebTrust Is Your Best Defense Against Privacy Breaches. Get WebTrust Working For Your Site. |