First annual New Zealand computer crime and security survey

Abstract

The New Zealand Computer Crime and Security Survey is conducted by the Security Research Group (SRG) of the University of Otago, in partnership with the Computer Security Institute (CSI), New Zealand’s Centre for Critical Infrastructure Protection (CCIP), and the New Zealand Police. This 2005 survey is the inaugural annual survey and is based on the CSI/FBI Computer Crime and Security Survey. The CSI/FBI Survey is the longest running continuous survey in the information security field and commonly known as a leading source of statistics related to computer crime and security. The 2005 survey results are based on the responses of 218 computer security practitioners in New Zealand (NZ) manufacturing, governmental, financial and medical organisations, and tertiary education providers regarding the 2004 calendar year. All monetary figures are in NZ$, roughly equivalent to US$0.5. Four questions in the 2005 survey address issues considered in a previous 2004 SRG survey, allowing some discussion of trends. Most, however, have not been addressed in New Zealand before so trend analysis awaits subsequent survey results. The trends considered in this survey are: - Prevalence of security incidents - Percentage of the Information Technology (IT) department budget spent on security issues - Use of cyber-security incident insurance - Use of Intruder Detection Systems (IDS) technology - Popularity of common workstation operating systems (OS)