Regulatory Resource / Metrics

Sarbanes-Oxley Budget Allocation

A Robert Frances Group survey in June 2003 indicated that more than 95 percent of the budget for SOX implementation came from outside the IT department.

Full Chart

Sarbox's Toll

Sarbanes-Oxley is having an inherent impact on organizations' information security, but it is doing little to raise awareness of information security throughout the organization.

Full Chart

Threat Intelligence / Metrics

Web Application Vulnerabilities

In the second half of 2007, 58% of all vulnerabilities affected Web applications. This is less than the 61% in the first half of 2007. This drop in the proportion of Web application vulnerabilities is a continuing trend. From an attacker's standpoint, rather than try to compromise numerous smaller sites, it is better to compromise a specific popular site with a single vulnerability, as this increases the chances of compromising a larger number of hosts.

Full Chart

Losing Money

For IT under attack, the greatest dollar loss comes from virus attacks.

Full Chart

Security Technologies

With all the security technologies available to them, CIOs deploy a combination, though almost all include antivirus software in the mix.

Full Chart

Security Check

A survey found that 82 percent of respondents indicated that their organizations conduct security audits.

Full Chart

Outsourcing Security

Outsourcing computer security work is not as common as one might suppose. Only 7 percent of respondents indicated that their organizations outsource more than 20 percent of the security function.

Full Chart

Spending on Security

Information security managers have become increasingly aware that the financial aspects of information security management demand an increasing portion of their time and effort. In a survey, 46 percent of respondents indicated that their organization allocated between 1 percent and 5 percent of the total IT budget to security.

Full Chart

Cybercrime Insurance

Fewer than 30 percent of private and public sector respondents in a survey indicated that their organizations used external insurance to help manage cybersecurity risks. "It's still early days," concluded the report.

Full Chart

Web Application Vulnerabilities

In the first half of 2007, 61% of all vulnerabilities affected Web applications. This is a drop from the 66% reported in the second half of 2006, and a further decrease from the 69% of all vulnerabilities that affected Web applications in the first half of 2006.

Full Chart

Patched Operating System Vulnerability by Type

Of the 59 patched vulnerabilities that affected Apple Mac OS X in the first half of 2007, eight affected browsers, 21 were client-side vulnerabilities, 17 were local, 11 affected servers and two vulnerabilities did not fit into any of these categories. There were 30 patched vulnerabilities disclosed during this period that affected HP-UX. Of these, 13 affected browsers, three were client-side, three were local, nine affected servers and two could not be categorized.

Full Chart

Chatting into the Network

Intruders penetrate various domains by various means. This chart indicates intrusions via Internet Relay Chat (IRC) by domain.

Full Chart

Vulnerability Trends

The total number of vulnerabilities reported peaked in 2002 at 4,129, but has not fallen back to its 2000 low of 1,090.

Full Chart

Information Sharing

More companies do not participate in information sharing organizations.

Full Chart

Intrusion Response

The most common response to an intrusion is patching.

Full Chart

Resilient IT / Metrics

Security Defense Tools

In a survey, almost all respondents were found to use firewalls and antivirus software to secure enterprise systems. Fewer used intrusion detection, encrypted files, and biometrics to keep attackers and other threats at bay.

Full Chart

Computer Security Expenditure by Employee

In a recent study, the Computer Security Institute and the FBI found that the transportation industry invested the highest number of dollars per employee in IT in 2004.

Full Chart

The Cost of Clean-up

Increasing attacks are ratcheting up costs 12-fold. In fact, the cost for the month of August 2003 alone was nearly equal to the amount spent on clean-up in all of 2002.

Full Chart

Boardroom Strategies / Metrics

Measuring IT Value

Managers responsible for computer security are increasingly required to justify their budget requests in purely economic terms. A survey of IT executives found that 55 percent of respondents indicate their organizations use ROI as a metric, 28 percent use IRR, and 25 percent use NPV.

Full Chart

Keeping Costs in Line

One measure of security is the amount spent per employee. This chart shows companies err on the lower side.

Full Chart

CIO Strategy Center is a daily editorial resource offering innovative insights and strategies for building an integrated, secure and resilient IT infrastructure.