One in 10 companies falls victim to an average of two computer crimes each year, with each costing $5,000 in immediate losses. On average, 31 percent of employees in a survey of 400 'Security' reader respondents is computer active. Companies are twice as likely to experience computer crime if they employ more than 1,500 people or if 50 percent of employees use computers on the job. Employees' unauthorized use of data is the major threat to system integrity. The remaining threats are largely physical -- fire, natural disaster, theft of equipment. Data that ranks highest in terms of requiring protection from such threats include payroll or personnel records, customer lists, accounts payable/receivable, and price lists and bidding information. While restricting access to and manipulation of such data is critical, the efforts of employees and security staff are needed to protect data and detect computer crimes. Most such crimes are exposed by internal audits, general security investigation, tips from employees. While the computer security function is usually structured within the data processing department with assistance from security staff, respondents foresee the eventual development of a separate computer security function. Compared to 1986 respondents, 1987 respondents felt more computer crime was being detected. Computer security budgets also have increased, with spending concentrated on software oriented protection and physical protection. 4 figures.