A Comparison Of Information Security Surveys

3096 words - 13 pages


A Comparison of Information Security Surveys Conducted by the Computer

Security Institute and Ernst & Young of Public and Private Sector Organizations

University of Maryland University College

A Comparison of Information Security Surveys Conducted by the Computer

Security Institute and Ernst & Young of Public and Private Sector Organizations

Emerging technologies utilized for electronic commerce are offering organizations the opportunity to reexamine strategic business models, processes, and relationships (Turban et al., 2008). The business environment is quickly changing as a result of new technological ...view middle of the document...

, 2008). Therefore, this paper will examine two independent surveys conducted in 2008 by the Computer Security Institute (CSI) and Ernst & Young (EY) of public and private sector organizations. The survey methodologies employed by CSI and EY, the results of the collected data and key findings will be discussed. An analysis and comparison of the surveys to include both methodologies and findings will also be offered.
Computer Security Institute (CSI)
CSI is a professional membership organization serving practitioners of information, network and computer-enabled physical security from the level of system administrator to the Chief Information Security Officer (About the Computer Security Institute, 2009). CSI “serves the needs of information security professionals through membership, educational events, security surveys and awareness tools” (About the Computer Security Institute, 2009, para. 1). The following is a summary of CSI’s information security survey methodology employed in 2008 as well as results and key findings:
Information Security Survey Methodology

Survey Distribution and Objective

In January 2008, CSI distributed surveys to 5,000 computer security practitioners in the United States (U.S.), via hardcopy and e-mail. When this survey was distributed in 2008, the survey recipients were members of CSI or had attended several CSI conferences and were employed by U.S. corporations, government agencies, financial, medical and academic institutions (Computer Security Institute, 2008) (see Table 1 for the major industry groups surveyed and percentage breakout of survey responses). CSI’s objective was to determine how public and private sector organizations in the CSI “community” had been affected by network and computer crime in 2007 and if these organizations were developing policies to secure their information systems and data (Computer Security Institute, 2008).

Survey Questions
The following questions were included in CSI’s 2008 information security survey (Computer Security Institute, 2008):
➢ How many employees are currently in your organization?
➢ What is the total annual revenue of your organization (if applicable)?
➢ How much of your organization’s IT budget was allocated for information security?
➢ What percentage of your organization’s IT budget was allocated for information security awareness training?
➢ Has your organization experienced any information security incidents and how many have you had to deal with in 2007?
➢ What percentage would you attribute financial losses within the organization to insider information systems attacks?
➢ What were the key types of information security incidents experienced by your organization (i.e. virus, insider abuse, laptop theft, unauthorized access, and financial fraud)?
➢ What types of security technologies were used by your organization (i.e. anti-virus software, application-level firewalls, encryption...

Other Essays Like A Comparison of Information Security Surveys

A Comparison of Ethical Theories Essay

681 words - 3 pages A Comparison of Ethical Theories Ethics are codes of behavior, adopted by a group; a family, community or nations, setting the boarders for behavior. Some examples of ethics theories include: virtue ethics, utilitarianism, and deontology.  The virtue theory of ethics can be summed up with the statement, that if a person’s character is good, they will make good choices. The choices they make are strictly based on their internal thoughts and

A Comparison Of Love Poems Essay

2691 words - 11 pages sonnet. This is made obvious due to the single verse consisting of 14 lines. It is also again a love poem expressing a particular idea, which in this case is mutability. It tackles the deep concept of beauty changing and decaying.The first line opens the poem with a rhetorical question making a comparison to a summer 's day. It is then answered in the second line stating that this beautiful woman whom the speaker is addressing is indeed far 'more

Literary Comparison Of A Clock

1841 words - 8 pages A Literary Comparison Of A Clockwork Orange and The Crucible      The existence of evil in the world is a universal question that is often contemplated. Anthony Burgess and Arthur Miller in their novels A Clockwork Orange and The Crucible address this question of evil. One of these stories is set in the future, and the other in the past confirming the belief that the human struggle between good and evil is timeless

A Comparison Of Poems About London

646 words - 3 pages A Comparison of Poems About London 'London', by William Blake, and William Wordsworth's untitled poem, composed on Westminster Bridge, are two different poems written with different styles and techniques to portray their feelings towards London. They are both written in the romantic era and are very passionate in the way they convey their (as both are written in first person) differing opinions on London. Wordsworth's

A Comparison of Freud and Fromm

1853 words - 8 pages changes that would be hard to implement. Many observers called his ideas unscientific and excessive. I personally do not agree with a lot of Freud’s Theory, however I do give credit to him for bringing important information to the field of psychology. I believe he was an extremely smart man and has laid grounds for many to follow. Some of the things I do agree with are psychoanalytic therapy, the importance of the unconscious, defense mechanisms

A Comparison of Christianity and Taoism

2803 words - 12 pages A comparison of Christianity and Taoism It is not precisely known when the concept of religion was first introduced to mankind but, it is thought to be pre-existed when the very first form of human civilization emerged. Thus, the religion always occupied the greatest part of human civilizations. As the civilization advanced, the religion also advanced. About two thousand years ago, there were few powerful countries which could exert both

Exploration of Cyber Security as a Public Good

2319 words - 10 pages use of such records or information which could result in substantial harm or inconvenience to any customer” (Bidgoli, 2011). In requiring a certain level of protection of data, the government is justified in indirectly telling private industry how to improve their cyber security. Another similar situation in which the government indirectly instructs private industry on security is the Electronic Communications Privacy Act (ECPA, 1986

The Study That Concerns a Broad Subject of Information Technology

2767 words - 12 pages issues. From cell phone signal interceptions to email hacking, people are now worried about their once private information becoming public knowledge. Lack of job security - Industry experts believe that the Internet has made job security a big issue as since technology keeps on changing with each day. This means that one has to be in a constant learning mode, if he or she wishes for their job to be secure. Dominant culture - While information

Comparison of Reactors for Prediction of Kinetics for a Reaction

3231 words - 13 pages Comparison of reactors for prediction of kinetics for a reaction Abstract In this report, a Matlab model for simulating simultaneous oxidation of carbon monoxide and propylene in a fixed bed reactor. The model takes into account temperature variation and pressure drop down the reactor. The catalyst pellets are assumed to be isothermal; only the concentration variation is considered inside the pellet. Both external and internal diffusion is

A Comparison Of The Australian And North Korean Economies

1834 words - 8 pages described as poor. With many factors unknown such as the actual extent of peoples suffering the only facts accountable for come from information collected by operations done by foreign countries. Examples that would support view that North Korea has a low quality of life is the extensive food aid operations that existed between 1995-96. One third of North Koreas population is thought to be in famine thus the food aid programs put in place by nations such

Comparison Of The Great Gatsby And A Streetcar Named Desire

1493 words - 6 pages Gatsby and Blanche devote a lot of their lives to finding true love, their searching leaves them unsuccessful. Gatsby and Blanche are blinded by their own pasts. Gatsby decides to live in a constant fantasy that he will get Daisy back. He is not willing to accept that she is married and loves another man. This is shown through this quote "he stretched out his arms toward the dark water in a curious way, and, far as I was from him, I could have sworn

Related Papers

Chapter 5 Principles Of Information Security

3378 words - 14 pages ITS Chapter 5 Review Questions 1. How can a security framework assist in the design and implementation of a security infrastructure? Answer: Security framework is the overall plan for information security measures. It is a general outline that can easily be altered to an organization security needs. Elements that can protect the infrastructure should be included such as; a security perimeter, which protects the internal systems from

Principles Of Information Security Chapter 2 Review Questions

1131 words - 5 pages 1. Management is responsible for implementing information security to protect the ability of the organization to function. They must set policy and operate the organization in a manner that complies with the laws that govern the use of technology. Technology alone cannot solve information security issues. Management must make policy choices and enforce those policies to protect the value of the organization’s data. 2. Data is important to an

Chapter 7 Principles Of Information Security 1 14

1521 words - 7 pages Principles of Information Security, 4th Edition Chapter 7 Review Questions 1. What common security system is an IDPS most like? In what ways are these systems similar? IDPSs are much like burglar alarms. They both will monitor an area for actions that may represent a threat and sound an alarm when those actions are detected. 2. How does a false positive alarm differ from a false negative one? From a security perspective, which is least

Expected Return Of A Security Essay

2792 words - 12 pages Question 1a In order to calculate the expected return of a security, it can be calculated by: Ri=ERi=j=1MPijRij ERi is the expected return on a Security i. In order to measure how much the outcomes differ from the mean, the average squared deviation is our Variance(σ2i) when each return is equally likely can be shown as follows: σ2i=1nn=1n(μ-Ri)2 and the square root of the variance is the Standard Deviation(σi). σ=1nn=1n(Î