March 4, 1998
FOR IMMEDIATE RELEASE
Contact: Patrice Rapalus, Director
Computer Security Institute
600 Harrison Street
San Francisco, CA 94107
|For a free paper copy of the final report, "Issues and Trends: 1998 CSI/FBI Computer Crime and Security Survey," complete with graphs, charts and analysis, please e-mail your postal address to firstname.lastname@example.org|
SAN FRANCISCO -- The Computer Security Institute (CSI) announced today the results of its third annual "Computer Crime and Security Survey."
The "Computer Crime and Security Survey" is conducted by CSI with the participation of the Federal Bureau of Investigation (FBI) International Computer Crime Squadís San Francisco office. The aim of this effort is to help raise the level of security awareness as well as determine the scope of computer crime in the United States.
Based on responses from 520 security practitioners in U.S. corporations, government agencies, financial institutions and universities, the findings of the "1998 Computer Crime and Security Survey" indicate that computer crime and other information security breaches are still on the rise and that the cost to U.S. corporations and government agencies is increasing.
Here are some of the most intriguing results.
Summary data for responses to all 1998 survey questions, and a table displaying financial losses due to various types of security breaches reported in both 1997 and 1998 accompany this press release.
Patrice Rapalus, CSI director, suggests that organizations pay more attention to information security staffing and training.
"While companies may think that they are spending the requisite amount on information security, the dramatic increase in quantified dollar losses indicates otherwise. In addition to hardware and software (for example, firewalls), organizations must ensure that training staffing levels are adequate and that end users are made aware of the seriousness of the situation."
Robert Walsh, Special Agent in Charge of the FBIís San Francisco office agreed that the dollar losses as reflected in this yearís survey are a matter of grave concern.
"But what is of equal concern is the seeming reluctance of organizations, for the third year in a row, to report computer intrusions to law enforcement. It is understandable that negative publicity is cited as the principal reason for this; however, the FBI has successfully investigated, and resolve, many cases in which computer crimes are alleged with either minimal or no public exposure to the victim company."
CSI, established in 1974, is a San Francisco-based association of information security professionals. It has thousands of members worldwide and provides a wide variety of information and education programs to assist practitioners in protecting the information assets of corporations and governmental organizations.
The FBI, in response to an expanding number of instances in which criminals have targeted major components of information and economic infrastructure systems, has established International Computer Crime Squads in selected offices throughout the United States. The mission of these squads is to investigate violations of Computer Fraud and Abuse Act of 1986, including intrusions to public switched networks, major computer network intrusions, privacy violations, industrial espionage, pirated computer software and other crimes where the computer is a major factor in committing the criminal offense.
The seriousness of this mission was recently reinforced by U.S. Attorney General Janet Renoís announcement of the creation of the National Infrastructure Protection Center. Recopgnizing this country's unprecedented reliance on technology, the Center, which will be a joint partnership among federal agencies and private industry, is designed to serve as the government's lead mechanism for responding to an infrastructure attack.
Copyright © 1998, Computer Security Institute, 600 Harrison Street, San Francisco, CA 94107. Telephone: (415) 905-2626 Fax: (415) 905-2218. Please send us your feedback.
Click here to locate original.