Cisco may be presenting a questionable interpretation of recent security statistics to promote its intrusion detection technology.
Cisco security consultant Sean Convrey told customers attending this year's Cisco Networkers Conference in Brisbane that the Federal Bureau of Investigation (FBI) found that half of all malicious network attacks originate from inside the target organisation.
Arousing doubt about the value of the firewall, Cisco representatives said that organisations relying on -single-point" protection strategies are operating with false sense of security.
Cisco's statements are based on findings of the Computer Crime and Security Survey compiled by the US-based Computer Security Institute in co-operation with the FBI.
The survey of around 600 companies found that unauthorised access by insiders accounted for 49 percent of security breaches in 2001. However, Cisco did not recognise that the same survey found insider breaches to have been significantly higher the previous year, accounting for 71 percent of attacks.
Whilst the survey authors acknowledged views that insiders represent the greatest source of 'risk' for enterprises, they highlighted an upward trend in external attacks in unequivocal terms - something that Cisco failed to acknowledge.
"Clearly the threat from outsiders is increasing dramatically and has been for several years," the report read.
Whilst Cisco representatives also claim that insider activity accounted for 80 percent of security related financial losses, its statistical source wasn't supplied.
According to the survey, unauthorised insider access and abuse of net access, combined, cost the respondent group around US$41 million. However that figure was dwarfed by proprietary theft which cost US$151 million.
The survey also noted that 61 percent of respondents already use intrusion detection systems.
Andrew Colley travelled to Brisbane as a guest of Cisco
