Re: Stop The 70% Lie

[Valdis.Kletnieks () vt edu]

On Fri, 18 Jul 2008 11:14:52 EDT, "Young, Keith" said:
>  
> > There is no FBI research to support the "70% Lie". Probably 
> > never has been and never will be.  No one can cite the "original 
> > research" because it doesn't exist.  It is myth.  It is urban legend.
>
> And how do you expect the FBI to produce data on their research of
> active/closed criminal intrusions? 
>
> What data do YOU have to counterpoint the 70% statistic?

I think Verizon Business's recent report (based on over 500 actual data breach
incidents) is fairly credible.  I'd certainly believe that insiders racked up
70% or more of the financial loss, even if they aren't 70% of the incidents.

The executive summary:

http://www.verizonbusiness.com/about/news/displaynews.xml?newsid=25135&mode=vzlong&lang=en&width=530

87% would have been preventable via reasonable security measures.
75% were discovered by a third party, not the victims.
66% involved data the victims didn't even know was on the system.

The full report:

http://www.verizonbusiness.com/resources/security/databreachreport.pdf

Attachment: _bin
Description:

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.