Re: Stop The 70% Lie

["The Security Community" <thesecuritycommunity () gmail com>]

On Fri, Jul 18, 2008 at 3:47 PM,  <Valdis.Kletnieks () vt edu> wrote:
> On Fri, 18 Jul 2008 15:22:56 EDT, The Security Community said:
>
> > Again, CyberArk != FBI and 47 != 70.
>
> You missed the point - if 47% are doing things that are quite possibly ECPA
> offenses, they could *easily* total 70% of *all* the incidents *all by
> themselves*.
>
> Assume 5 sysadmins at a company. If 1 out of 3 snoop, the probability that
> *none* of them snoop is (2/3)**5 or only 0.13 or so.
>
> At that point, an average 87% of all companies have ECPA offenses committed
> by insiders.  At that point, you're needing to *dilute* the insider percentage,
> not pump it up.

Not waniting to argue who is missing whose point, there is no FBI data
on the subject, regardless of what the percentage may be.  It may very
well be 70%, but there is no FBI statement/research/press release
supporting this conjecture.  There never has been and at best it is a
misreading of the CSI/FBI surveys (which the FBI ceased participating
in last year).

BTW, there are ~75 Google hits for "70 percent" at fbi.gov, but we
probably all know that by now.

100% of them have nothing to do with the 70% Lie.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.