While not yet published, some of the results from the 2007 Irish Crime Survey were revealed in the SiliconRepublic.com. The survey was compiled by the Irish chapter of the Information Systems Security Association (ISSA) and University College Dublin’s Centre for Cybercrime Investigation. The survey looks at attacks and intrusions at both public and private organisations during the course of 2007.
What is interesting is that 1 in 4 organisations surveyed admitted to having experienced an external intrusion into their systems. While 30% stated they experienced denial-of-service (DoS) attacks.
One figure that struck me was that despite a high number of organisations reporting internal security breaches, only 14% of those surveyed were concerned about employees accessing data they should not, and only 8% rated internal intrusions in their top three security concerns.
Organisations need to wake up that one of the biggest threats to their security is their own staff. If we look at the recent spate of reported data losses here in Ireland the vast majority resulted from lost laptops or mobile devices.
So when it comes to securing your systems and your information, remember those that you trust the most are the ones that can hurt you the most.
The detailed survey will be available from the ISSA Ireland’s website later next week.
Brian, thanks for the mention. The final report was published yesterday and is available from the ISSA website (www.issaireland.org/cybercrime). We think there are some interesting findings and hope the report will be useful for Irish security professionals.
Thanks for the update Owen. I encourage all Irish information security professionals to read this report. It contains information relevant to the infosec threats that Irish companies, including yours, face. Remember the more information you have the better prepared you are to make better decisions