Survey: Cybercrime down, costs up

Computer Security Institute's summary of survey

The latest results of an annual survey on computer crime and security show a drop in the number of computer security breaches to government and private-sector systems.

In last year's survey, 90 percent of survey respondents reported that they had detected a security breach in the past 12 months. This year, 85 percent reported security breaches.

However, the California organization that conducted the survey — with the cooperation of the FBI's San Francisco office — could not say whether government or the private sector is the greater victim of computer crime.

"We don't really break down the survey results based on government or private sector," said Patrice Rapalus, director of the Computer Security Institute (CSI). "But from 10 years in the business, I'd say it's pretty much even."

What is clear is that the cost of computer crime to victims is carrying a higher price than a year ago, according to highlights of the survey released Monday.

The complete survey will be released at the end of March, according to Rapalus, though some findings are available at CSI's Web site.

Among the findings is that 35 percent of the 538 respondents — 186 respondents — volunteered that they lost a combined $377.8 million last year through computer crime. The year before, 42 percent, or 249 respondents, owned up to losing a total of $265.5 million in the 12 months prior, according to CSI.

Rapalus said it is difficult to say whether the overall numbers mean things have gotten better or worse, although Bruce Gebhardt, the head of the FBI's northern California office, said the results "again demonstrated the seriousness and complexity of computer crimes."

The vulnerability of conducting business online is a law enforcement challenge that requires continued cooperation between government and industry, Gebhardt said in a statement.

Furthermore, Andrew Black, a spokesman for the bureau's San Francisco office, said governments must follow the same security rules as businesses do for their sites and networks.

"Unless all employees follow their [computer] security plan, they become vulnerable," Black said. "We impress on the system administrator to stay on the employees to follow the security safeguard plan. That would make our job a lot easier."

Featured

  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected