Information Security Awareness, Training and Motivation — Native Intelligence, Inc.

Security Awareness Fact or Fiction Examples

 

Fact or Fiction

1. In 2010, the U.S Secret Service arrested more than 1,200 suspects for cybercrime violations.

Fact!  In 2010, the Secret Service arrested more than 1,200 suspects for cybercrime violations. These investigations involved over $500 million in actual fraud loss and prevented approximately $7 billion in additional losses. 

Source: 2011 Verizon Business Data Breach Investigations Report http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2011_en_xg.pdf

 

2. Among these industries:  

  • financial
  • health care
  • retail
  • higher education
  • hospitality
  • government

the industry that suffers the most data breaches is health care.
Fiction!  The industry that suffers the most data breaches is hospitality (40%), per the 2011 Verizon Business Data Breach Investigations Report.  Second place was retail (25%), and third was financial services (22%).

 

3. During the largest known cyber theft (to date), 130 million credit card numbers were stolen.
Fact! 130 million credit card numbers were stolen in the Heartland Payment Systems breach of 2009.
Source: "TJX Hacker Charged with Heartland, Hannaford Breaches," Kim Zetter, August 17, 2009   http://www.wired.com/threatlevel/2009/08/tjx-hacker-charged-with-heartland/

 

4. As of 2009, 7% of employees steal proprietary corporate data when they quit or are fired.
Fiction! The actual percent, according to the Ponemon Institute, is 59%.


Source: “Data Theft Common by Departing Employees,” Brian Krebs, washingtonpost.com Staff Writer, Thursday, February 26, 2009; 12:15 PM http://www.washingtonpost.com/wp-dyn/content/article/2009/02/26/AR2009022601821.html

 

5. In 2010, with regard to cybercrime, information theft cost companies more than business disruption.


Fact! The greatest external cost of cybercrime was information theft (40%), followed by business disruption (28%).


Source: Second Annual Cost of Cyber Crime Study, Benchmark Study of U.S. Companies,
Source: Ponemon Institute August 2011
http://www.arcsight.com/collateral/whitepapers/2011_Cost_of_Cyber_Crime_Study_August.pdf

 

6. FBI Director, Robert Mueller, gave up online banking after nearly falling for an identity theft phishing attack.


Fact! FBI Director Robert Mueller was banned by his wife from doing online banking after he nearly fell for a phishing scam, he said in 2009 during a talk at the Commonwealth Club of California.
He received an e-mail purporting to be from his bank that looked legitimate, which prompted him to verify some information. He started to follow the instructions, but "Just a few clicks away from falling into a classic Internet phishing scam," Mueller "barely caught himself in time" and admitted he "definitely should have known better."
He said he changed his passwords and tried to pass the incident off to his wife as a "teachable moment," but she was having none of it and told him, "It is our money. No more Internet banking for you!"


Source: Cnet “Wife bans FBI head from online banking,” Elinor Mills, October 7, 2009 4:07 PM PDT
http://news.cnet.com/8301-27080_3-10370164-245.html

 

7. The most hostile country on the Internet, based on the number of attacks launched from that country, is Russia.


Fiction! The correct answer is Myanmar, with 13% of attacks.  Myanmar was the top attack traffic source, accounting for 13% of observed attack traffic in total. The United States and Taiwan held the second and third place spots respectively, accounting for just under 20% of observed attack traffic combined.

Source: Akami, the state of the Internet Q2, 2011.
http://www.akamai.com/dl/whitepapers/akamai_soti_apac_q111.pdf?curl=/dl/whitepapers/akamai_soti_apac_q111.pdf&solcheck=1&