TFO & Incident centered security management - Department of ...
TFO & Incident centered security management - Department of ...
TFO & Incident centered security management - Department of ...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Types <strong>of</strong> Security Objects<br />
PPhysical Assets<br />
< Computers and communications machinery<br />
< Attack with physical assaults<br />
PS<strong>of</strong>t Assets<br />
< Protocols and s<strong>of</strong>tware<br />
< Attack with cracking and malicious code<br />
PPsychic Assets<br />
< Perceptions and information<br />
< Attack with data falsification<br />
Security Threats<br />
13<br />
14<br />
Security Breaches<br />
CSI 2010/2011 Computer Crime and Security Survey<br />
P Malware Infection: 67%<br />
P Misrepresented by phishing: 39%<br />
P Laptop/mobile theft: 34%<br />
P Bots or zombies inside the organization: 29%<br />
P Insider abuse <strong>of</strong> internet (porno, pirate, abusive email):<br />
25%<br />
P Denial <strong>of</strong> service attacks: 17%<br />
P Insider unauthorized access to info: 13%<br />
P Password sniffing: 12%<br />
P Outsider system penetration: 11%<br />
Impacts<br />
CSI 2010/2011 Computer Crime and Security Survey<br />
P Compromise <strong>of</strong> personal identifiable info 16%<br />
P Theft <strong>of</strong> proprietary information: 10%<br />
P Financial fraud: 9%<br />
P Targeted attacks: 45.2%<br />
P Concern for insider & fraud giving way to “targeted<br />
attacks”<br />
< Advanced Persistent Threats<br />
< Attack 2.0<br />
15<br />
16