Report: Outsider Attacks Down, Insider Attacks Up

The good news: For the first time in the five-year history of its annual security study, CA is today reporting a decrease in attacks from outside the enterprise.

The bad news: Insider attacks are up nearly two percent from two years ago -- and nearly 30 percent from five years ago.

According to a study conducted by the Strategic Counsel and published today by security software maker CA, only 59 percent of U.S. enterprises say they have dealt with virus attacks over the past 12 months, compared with 68 percent two years ago. Network-based attacks were down to 40 percent, compared with 50 percent in 2006.

The figures represent the first downturn in external attacks since CA began doing the study five years ago. However, the percentage of enterprises reporting internal breaches increased to almost 44 percent, up from 42 percent in 2006 and just 15 percent in 2003.

No matter what their source, breaches made a significant impact on the enterprises that experienced them, according to a study. More than a third reported a loss of confidential customer or transaction data, and 33 percent reported reduced customer satisfaction. Thirty-five percent reported a loss of customer or public confidence, and 61 percent reported lost productivity.

Only 28 percent of respondents are "very confident" in their organization's ability to protect itself against losing customer or transaction data.

— Tim Wilson, Site Editor, Dark Reading