Computer Crime Research Center


2003 CSI/FBI Computer Crime and Security Survey

Date: June 01, 2004
Source: Computer Crime Research Center
By: Ludmila Goroshko

According to the 2003 CSI/FBI Computer Crime and Security Survey, the risk of cyber attacks continues to be high. The report found 75 percent of the 530 firms surveyed acknowledged financial losses, but only 47 percent could quantify the losses, which totaled more than $201 million dollars in 2003.

Statistical data - From the CSI/FBI 2003 survey:

Highlights include:

Overall financial losses from 530 survey respondents totaled
$201,797,340. This is down significantly from 503 respondents reporting
$455,848,000 last year. (75 percent of organizations acknowledged
financial loss, though only 47% could quantify them.)
Get your free PDF copy now.

The overall number of significant incidents remained roughly the same as
last year, despite the drop in financial losses.

Losses reported for financial fraud were drastically lower, at
$9,171,400. This compares to nearly $116 million reported last year.

As in prior years, theft of proprietary information caused the greatest
financial loss ($70,195,900 was lost, with the average reported loss
being approximately $2.7 million).

In a shift from previous years, the second-most expensive computer crime
among survey respondents was denial of service, with a cost of
$65,643,300--up 250 percent from last year's losses of $18,370,500.

This edition of the survey shows that economic loss from security incidents is way down. But not all of the findings are positive. Here's a recap and evaluation.

Total dollar losses:
1997: 249 respondents, US $ 100,119,555
1998: 241 respondents, US $ 136,822,000
1999: 163 respondents, US $ 123,779,000
2000: 273 respondents, US $ 265,589,940
2001: 196 respondents, US $ 377,828,700
2002: n/a respondents, US $ 455,848,000
2003: 503 respondents, US $ 201,797,340

Survey results illustrate that computer crime threats to large corporations and government agencies come from both inside and outside their electronic perimeters, confirming the trend in previous years. Forty-five percent of respondents detected unauthorized access by insiders. But for the fourth year in a row, more respondents (78 percent) cited their Internet connection as a frequent point of attack than cited their internal systems as a frequent point of attack (36 percent).

The results of this survey clearly indicate that the stakes involved in information systems security have risen. Your organization is vulnerable to nu- merous types of attack from many different sources and the results of an intrusion can be devastating in terms of lost assets and good will. There are steps you can take to minimize the risks to your information security and Computer Security Institute can help.

Computer Security Institute (CSI) is the world's premier membership association and edu- cation provider serving the information security community, dedicated to advancing the view that information is a critical asset and must be pro- tected. Through conferences, seminars, publications and membership benefits, CSI has helped thousands of security professionals gain the knowledge and skills necessary for success. For 30 years, CSI conferences and training have won the reputation as being the most well-respected in the industry.

Add comment  Email to a Friend

Discussion is closed - view comments archieve
2006-11-26 05:26:07 - These crazy bitches are ready to do... Adam
2006-10-07 07:46:19 - Great new site about sexy teens drunken... H
Total 2 comments
Copyright © 2001-2013 Computer Crime Research Center
CCRC logo