Re: security breaches as a result of email

[Dennis Opacki <DOpacki () Covestic com>]

I believe that what we are talking about here is "root cause analysis". Unfortunately, getting to the root cause of the 
event often requires a degree of sophistication and communication uncommon in companies experiencing data breaches. I usually send 
people interested in this sort of analysis to Rooney and Vanden Huevel's write-up[1]. While focused on quality control, it gives 
some good direction on causal factor charting and root cause identification. I have had luck in the past adapting it to computer 
security applications.

-Dennis

[1] http://www.asq.org/pub/qualityprogress/past/0704/qp0704rooney.pdf 



From: B.K. DeLong
Sent: Wed 10/11/2006 11:02 AM
To: Al Mac
Cc: dataloss () attrition org
Subject: Re: [Dataloss] security breaches as a result of email





On 10/11/06, Al Mac <macwheel99 () sigecom net> wrote: 
The data base has coding http://attrition.org/dataloss/dldoskey.html as to
nature of breach that could narrow you down to this kind of relevance, but
this is something that continues to evolve, and be improved upon by 
feedback here.  I do not see in the chart a coding for the nature of the
breach:
* laptop gone missing
* dumpster diving
* hacker broke in
* data managers must have been computer illiterates
* data managers must have been privacy illiterates 
* e-mail stupidity
* etc.
so if you do a search of the raw data, looking for "e-mail" you going to
get a lot of hits that what was breached was person's e-mail address


You make a good point - this is definitely something else we should be tracking in the DLDOS. 
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss
Tracking more than 136 million compromised records in 416 incidents over 6 years.