[*] "CSI/FBI Computer Crime and Security Survey 2004." Computer Security Institute and Federal Bureau of Investigation (CSI/FBI). http://i.cmpnet.com/gocsi/db_area/pdfs/fbi/FBI2004.pdf.
It is relevant to note that certain statistical data regarding attack activity can be somewhat contradictorydifferent sources reveal differing attack trends. For example, the 2004 E-Crime Watch Survey, conducted by CSO Magazine in cooperation with the United States Secret Service and the CERT Coordination Center, reports that attacks are up 46%, whereas other organizations report downward trending.
At first glance, the data appears to be conflicting. But delving further, the data reveals a landscape that is being better protected by tools and equipment such as antivirus (AV) software, IDS, IPS, and so on. If organizations were to scour their logs for all attacks that were attempted against their networks, most would likely discover that while the numbers of attacks were on the rise, the damage that had been inflicted had been substantively decreased because of the equipment that had been put in place.
Organizations that have invested in IT security prevention equipment over the last number of years will have experienced the positive trending that has recently been reported. Sustaining an environment that is focused on preventive measures continues to pose a challenge, as attacks, and attackers, will forever attempt to find vulnerable points that can be penetrated.
There might not always be agreement on attack trends, but following them ensures that an organization is always aware of existing threats. An appropriate infrastructure, aligned with an organization's tolerance for risk, can be effectively developed to address the bevy of ever-present threats.