Computer security incidents against Australian businesses: Predictors of victimisation

Abstract

Common computer security incidents include viruses and other malicious code, spyware, phishing, sabotage of network or data and denial of service attacks. Results from the modelling analysis therefore represent the impact of the remaining variable(s) on the probability of victimisation, relative to the omitted variable. Considered as a whole, the variables analysed- industry sector, business size, respondents' knowledge of information technology, types of computer security tools used, types of computer security policies used, whether businesses outsourced computer security functions and businesses' information technology security expenditure as a proportion of total information technology expenditure- explain 8.6 percent of businesses' likelihood of experiencing a computer security incident