SAN FRANCISCO, Sept. 14, 2007 -- The Computer Security Institute (CSI) today released its 2007 report with news that the average annual loss reported by U.S. companies in the 2007 CSI Computer Crime and Security Survey more than doubled, from $168,000 in last year's report to $350,424 in this year's survey. This ends a five-year run of lower reported losses.

Financial fraud overtook virus attacks as the source of the greatest financial loss. Virus losses, which had been the leading cause of loss for seven straight years, fell to second place. Another significant cause of loss was system penetration by outsiders.

Additional key findings include:

-- Almost one-fifth of those respondents who suffered one or more kinds of security incident said they'd suffered a "targeted attack," i.e. a malware attack aimed exclusively at their organization or at organizations within a small subset of the general population.

-- Insider abuse of network access or e-mail (such as trafficking in pornography or pirated software) edged out virus incidents as the most prevalent security problem, with 59% and 52% of respondents reporting each respectively.

-- When asked generally whether they'd suffered a security incident, 46% of respondents said yes, down from 53% last year and 56% the year before.

"At a period when experts throughout the industry have been discussing with concern the growing sophistication and stealth of cyber attacks, here we have a couple hundred respondents saying they lost significantly more money last year," states Robert Richardson, CSI director and author of the survey. "There's a strong suggestion in this year's results that mounting threats are beginning to materialize as mounting losses."

The complete 2007 CSI/FBI Computer Crime and Security Survey is available for free download on the CSI Web site at GoCSI.com.

About CSI

Computer Security Institute (CSI) is the world's leading membership organization specifically dedicated to serving and training the information, computer and network security professional. Since 1974, CSI has been providing education and aggressively advocating the critical importance of protecting information assets.

The CSI Annual Conference, CSI 2007, is the leading management, policy and strategy event for security professionals. The conference features over 100 sessions covering the management and technical issues crucial to deploying a successful protection strategy. The CSI Exhibition features over 80 new and established companies, demonstrating the latest security tools and technologies.

CSI publishes the widely cited annual CSI Computer Crime & Security Survey, and presents the findings in various cities at the CSI Survey Event. CSI also offers many other regional and online events. CSI Awareness offers products and training to help improve awareness; private training is also available for organizations.

For more information about CSI 2007 November 3-9, go to http://CSIannual.com.

About CMP

CMP (http://www.cmp.com/) is a media and marketing solutions company serving the technology industry. With the leading online, event and print brands in all technology market categories, and with services and tools that reach beyond traditional advertising, CMP shapes and influences the technology industry worldwide. CMP publishes highly respected media brands such as TechWeb, InformationWeek, ChannelWeb, CRN, EE Times and TechOnline; produces major industry events such as Interop, Web 2.0 Expo, XChange, Game Developers Conference and the Embedded Systems Conferences; and provides business information and marketing services such as the International Customer Management Institute, Semiconductor Insights and Second Life consulting for technology marketers. CMP is a subsidiary of United Business Media (http://www.unitedbusinessmedia.com/), a global provider of news distribution and specialist information services with a market capitalization of more than $3 billion. For more CMP news, go to http://cmp.com/news.

Copyright 2007, Computer Security Institute, 600 Harrison Street, San Francisco, CA 94107. Telephone: (415) 947-6320 Fax: (415) 947-6023, email csi@cmp.com. For complete survey, go to GoCSI.com.