Two data bits from Bit9's own survey contradict the supposition that Anonymous is the apocalypse and only CISPA can save us:
First, the security people in the survey who said they work for the federal government, far more said their biggest fear is digital espionage or attack from China, Russia or other nation-states than said they worried about Anonymous or other hacktivists.
Attacks from Chinese cyberspies cost the U.K. $43 billion, according to a report from the British Ministry of Defence's Cyber Security Program in October.
Federal agencies are in a more direct line of fire from hacktivists like Anonymous than any individual company, because there are fewer of them and the government is the primary target of protesters.
Federal agencies also have Congress' ear to a much greater degree than the private sector when they complain about security risks.
If legitimate complaints about security were behind CISPA, you can be Congress would put far more effort into protecting the military, political and taxpayer information at government agencies than they did to protect the intellectual property of Sony, whose various networks and divisions were hacked 18 times in one long, orgiastic series of attacks last summer.
If the security wonks at those agencies put nation-states like China and Russia at the top of their list of most-likely attackers, is it accurate to consider Anonymous the biggest threat?
Second: No, it's not accurate.
When asked about specific kinds of threats to which they might be vulnerable, 45 percent said malware was the biggest risk, followed by spear phishing (16 percent) and drive-by malware downloads (13 percent).
The main weapons of Anonymous, MalSec, LulzSec and the rest of the brothers of the coast – distributed denial of service (DDoS) and SQL Injection attacks – worried only 11 percent and 4 percent of respondents, respectively.
Where are the real cybersecurity risks?
For a little perspective, the 4,300 people interviewed for the annual Security Threat Report from Sophos listed sloppy user security, social networking scams and malware as the most significant security threats for this year.
Weak passwords, botnets, misconfigured cloud-computing security, negligence and data-leaking mobile devices are all larger threats to most companies and individuals than hacktivists, according to veteran tech columnist David Coursey, in a January Forbes opinion piece.