Mikael, As part of my degree project I compliled stastics from sixty some IT security studies, questionnaires and surveys including some information from the PWC survey. I never got a copy of the full survey, just compiled a number of articles that quoted statistics from it.
According to the combined totals of these surveys Untentional/Accidental acts accounted for 52% of all security incidents. When combined with intentional acts insiders accounted for more than 90% of all security violations. It is not sensible to use the result of any one survey to draw any specific conclusion or make any well-reasoned decisions. "Studies and Survey of Computer Crime" by Dr. M.E. Kabay (Norwich University) has some interesting insights. Some other interesting results that may add some insight to the figure include: 45% reported missing or inadequate policies, 58% reported an inadequate or missing security function/organization, 51% reported missing or inadequate security procedures, and over 60% reported inadequate operational reviews of security effectiveness. The best security practice? Employee monitoring 58% This figure includes all kinds of monitoring but the most common was Internet usage. -- Bill Stackpole, CISSP ----- Original Message ----- From: "Mikael Olsson" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, May 04, 2002 1:52 AM Subject: The majority of IT threats not internal any more? > > (This is actually a month and a half old, but I've seen little or > no talk about it, so I thought I ought to bring it up anyway) > > According to this: http://www.it-analysis.com/article.php?id=2175 > many large companies in the UK no longer feel that the majority of > threats are internally originated. > > They're referencing a report compiled by PricewaterhouseCoopers > for the department of trade and industry. Anyone got a better > link to something with a little more detail? > > > Thanks > /Mikael > > -- > Mikael Olsson, Clavister AB > Storgatan 12, Box 393, SE-891 28 �RNSK�LDSVIK, Sweden > Phone: +46 (0)660 29 92 00 Mobile: +46 (0)70 26 222 05 > Fax: +46 (0)660 122 50 WWW: http://www.clavister.com > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > For Account Management (unsubscribe, get/change password, etc) Please go to: > http://lists.gnac.net/mailman/listinfo/firewalls _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] For Account Management (unsubscribe, get/change password, etc) Please go to: http://lists.gnac.net/mailman/listinfo/firewalls
