reactions to events
As was the case last year, respondents appear to be more proactive when dealing with incidents than they have been in past years (Figure 13).
This year, 62.3 percent of respondents had patched vulnerable software following an incident. This was admittedly down from last year’s 68.3 percent, but up markedly from prior years when the number was below 50 percent.
Generally speaking, many of the categories in this question dropped slightly, but within the likely margin of error, such that it’s difficult to say whether there was really any particular dropoff.
There were some changes that are of interest.
There was a significant jump in those reporting that they installed additional security software, rising from 37.8 percent last year to 48.6 percent.
For the first time, we asked whether an internal forensics investigation was conducted and nearly half—44.2 percent—reported that they had. The attempt to identify the perpetrator continues to drop—from 60 percent two years ago, to 37.2 percent last year, and now this year down to 23.9 percent. It would seem that mitigation and recovery are much higher priorities than attempting to find the wrongdoer and mete out justice.
After a high point of 35 percent of respondents saying that they’d reported incidents to law enforcement last year, the percentage dropped back into its historically more customary range at 27.5 percent.
There was a slight (and possibly not significant) dip in the extent to which incidents were reported to the media, falling from 5.6 percent to 3.6 percent.
We provided this answer as an option beginning only last year.
At the time, we didn’t make much of the figure, but now that it has come in very low for a second year, it seems time to underline that the prevalent belief that most of the cybercrimes out there aren’t things we hear about. Of course, many of these incidents wouldn’t constitute news even if they were reported to the media, but nevertheless one can say with some certainty that having only four or five percent of incidents appearing in the news means that we read only about the tip of the proverbial iceberg.
reactions to eventsAs was the case last year, respondents appear to be more proactive when dealing with incidents than they have been in past years (Figure 13). This year, 62.3 percent of respondents had patched vulnerable software following an incident. This was admittedly down from last year’s 68.3 percent, but up markedly from prior years when the number was below 50 percent. Generally speaking, many of the categories in this question dropped slightly, but within the likely margin of error, such that it’s difficult to say whether there was really any particular dropoff.There were some changes that are of interest. There was a significant jump in those reporting that they installed additional security software, rising from 37.8 percent last year to 48.6 percent.For the first time, we asked whether an internal forensics investigation was conducted and nearly half—44.2 percent—reported that they had. The attempt to identify the perpetrator continues to drop—from 60 percent two years ago, to 37.2 percent last year, and now this year down to 23.9 percent. It would seem that mitigation and recovery are much higher priorities than attempting to find the wrongdoer and mete out justice.After a high point of 35 percent of respondents saying that they’d reported incidents to law enforcement last year, the percentage dropped back into its historically more customary range at 27.5 percent. There was a slight (and possibly not significant) dip in the extent to which incidents were reported to the media, falling from 5.6 percent to 3.6 percent. We provided this answer as an option beginning only last year. At the time, we didn’t make much of the figure, but now that it has come in very low for a second year, it seems time to underline that the prevalent belief that most of the cybercrimes out there aren’t things we hear about. Of course, many of these incidents wouldn’t constitute news even if they were reported to the media, but nevertheless one can say with some certainty that having only four or five percent of incidents appearing in the news means that we read only about the tip of the proverbial iceberg.
การแปล กรุณารอสักครู่..