BreachExchange mailing list archives

Data breaches still lognormal


From: Luther Martin <martin () voltage com>
Date: Thu, 17 Dec 2009 18:12:56 -0800

Earlier this year, I wrote some stuff (like this, for example 
http://www.csoonline.com/article/501584/Data_Breaches_Patterns_and_Their_Implications?page=1) that mentioned how the 
size of data breaches seems to follow a lognormal distribution - the size of breaches doesn't fit a normal or bell 
curve, but the logarithm of the size of breaches does. 

This year isn't over yet, but the last time I looked at this year's data, the same thing still held. The past three 
years had a mean of about 3.5 and a standard deviation of about 1.2. So far this year it looks about the same, with a 
mean of about 3.3 and a standard deviation of about 1.2. The lognormal model seems to fit the data fairly well, so the 
predictions that it makes about things like what fraction of breaches will expose 1 million or more records, etc., are 
fairly accurate. 

I'll do a more careful analysis next year, after more data from 2009 is available. 

Analysis like this wouldn't be possible without the excellent work that the OSF people are doing, of course. 
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
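
Added example, not part of the original post: the lognormal model described above, evaluated with the two parameter sets the post quotes to get the expected fraction of breaches at or above 1 million records. It assumes the logarithm is base 10 (the post does not state the base); the function names and the sample sizes are constructed for illustration.

```python
import math
from statistics import NormalDist, mean, stdev

# (mean, standard deviation) of log(breach size) as quoted in the post.
# ASSUMPTION: base-10 logarithm of records exposed; the post does not give the base.
PAST_THREE_YEARS = (3.5, 1.2)
YEAR_2009_SO_FAR = (3.3, 1.2)


def fit_lognormal(sizes):
    """Estimate (mu, sigma) from breach sizes; non-positive sizes are skipped
    because their logarithm is undefined (e.g. 'unknown' recorded as 0)."""
    logs = [math.log10(s) for s in sizes if s > 0]
    if len(logs) < 2:
        raise ValueError("need at least two positive breach sizes")
    return mean(logs), stdev(logs)


def fraction_at_least(records, mu, sigma):
    """Fraction of breaches the model expects to expose >= `records` records."""
    if records <= 0:
        return 1.0
    return 1.0 - NormalDist(mu, sigma).cdf(math.log10(records))


def size_at_quantile(q, mu, sigma):
    """Breach size that a fraction q of breaches stay below (0 < q < 1)."""
    return 10 ** NormalDist(mu, sigma).inv_cdf(q)


if __name__ == "__main__":
    for label, (mu, sigma) in (("past three years", PAST_THREE_YEARS),
                               ("2009 so far", YEAR_2009_SO_FAR)):
        print(f"{label}: median {size_at_quantile(0.5, mu, sigma):,.0f} records, "
              f"{fraction_at_least(10**6, mu, sigma):.2%} of breaches >= 1 million")
    # Constructed sample sizes, only to show how the parameters are estimated.
    print(fit_lognormal([250, 1_200, 0, 4_800, 31_000, 150_000, 2_600_000]))
```

Under the base-10 assumption, the small shift in the mean from 3.5 to 3.3 lowers the expected share of million-record breaches by roughly a third, which shows how sensitive tail estimates are to the fitted parameters.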
