RR-303_final
Using Science to Battle Data Loss: Analyzing Breaches by Type and Industry
C. Matthew Curtin, CISSP
Interhack Corporation
04/23/09 | RR-303
Advanced
Learning Objectives
• See how scientific analysis can work in security
• Distinguish among types of data loss incidents
• Analyze data loss incidents for where to focus
• See how to improve the state of the art
Agenda
What In The World Is Going On Out There?
A Taxonomy of Data Losses
Breach Reports by Type and Industry
Now What?
What in the World is Going On Out There?
Technology Problem?
A Taxonomy of Data Losses
Taxonomy of Data Losses: Introduction
Taxonomy of Data Losses: Physical
Taxonomy of Data Losses: Logical
Taxonomy of Data Losses: Procedural
Not All Breaches Happen Alike
Where Do Breaches Happen? NAICS!
Agriculture, Forestry, Fishing, and Hunting
Mining
Utilities
Construction
Manufacturing
Wholesale Trade
Retail Trade
Transportation and Warehousing
More NAICS
Information
Finance and Insurance
Real Estate and Rental and Leasing
Professional, Scientific, and Technical Services
Educational Services
Health Care and Social Assistance
Public Administration
Breach Reports by Type and Industry
Breaches Observed: Type and Industry
Test of Significance in Nominal Data: χ²
Breach type and industry are nominal (categorical) data, so the chi-squared (χ²) test is the appropriate test of significance.
A test of significance estimates the probability that the observed pattern arose by chance alone.
We look for a probability of error of 5% (p = 0.05).
That threshold is used to decide whether to reject the null hypothesis, i.e., that the observed counts differ from the expected counts only by chance.
χ² Analysis: P-Values by Type
Type         p-value
Docs         .5116643991
Media        .0172283798
Hardware     .0001473399
Insider      .0344524032
Compromise   .0000000001
Processing   .0001688209
Disposal     .0384812865
χ² Analysis: P-Values by Industry
Industry      p-value
Agriculture   .8760759196
Mining        .4832063360
Utilities     .5512226506
Mfg           .1817398353
Retail        .0034487983
Transp        .5437545766
Information   .2034512769
Finance       .0157029420
Real Est      .0612124637
Prof Svc      .1271919999
Adm Svc       .3659340107
Edu           .0000000001
Health        .0000096276
Arts          .2484658204
Accom         .0022826685
Services      .3049347667
Pub Adm       .0018734368
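The χ² test described above, and the per-type and per-industry p-value tables, can be reproduced on any breach-type × industry contingency table. The following is an added example, not code from the talk or from Interhack: the counts are constructed for illustration (not the ITRC data the talk analyzed), and the design, a χ² goodness-of-fit test of each row against the expected counts implied by the column totals, and the same for each column, is an assumption about how the slides' p-values were produced. The chi-squared upper-tail probability is computed in closed form so the script runs without SciPy; all function names (chi2_sf, chi2_goodness_of_fit, p_values_by_type, p_values_by_industry, significant) are this example's own.

```python
"""Chi-squared tests of significance on a breach-type x industry table.

Added example; COUNTS is constructed sample data, not the ITRC breach list,
and the per-row / per-column goodness-of-fit design is an assumption about
the method behind the talk's p-value tables.
"""
import math

# Rows follow the talk's taxonomy of data losses; columns are a subset of
# NAICS sectors. Counts are made up for illustration only.
TYPES = ["Docs", "Media", "Hardware", "Insider", "Compromise", "Processing", "Disposal"]
SECTORS = ["Edu", "Health", "Finance", "Retail", "Pub Adm"]
COUNTS = [
    [10, 10, 10, 10, 10],   # Docs: spread evenly
    [8, 6, 5, 4, 7],        # Media
    [12, 14, 10, 6, 8],     # Hardware
    [4, 6, 10, 5, 5],       # Insider
    [2, 2, 20, 30, 1],      # Compromise: concentrated in Finance and Retail
    [5, 9, 8, 5, 8],        # Processing
    [6, 7, 4, 3, 5],        # Disposal
]


def chi2_sf(x, df):
    """P(X > x) for a chi-squared variable with df degrees of freedom.

    Uses the closed forms for even and odd df (Abramowitz & Stegun 26.4.4
    and 26.4.5), so no SciPy is needed. Returns 1.0 for x <= 0.
    """
    if df < 1:
        raise ValueError("df must be >= 1")
    if x <= 0:
        return 1.0
    half = x / 2.0
    if df % 2 == 0:
        # Q = e^{-x/2} * sum_{i=0}^{df/2-1} (x/2)^i / i!
        term, total = 1.0, 1.0
        for i in range(1, df // 2):
            term *= half / i
            total += term
        return math.exp(-half) * total
    # Q = erfc(sqrt(x/2)) + sqrt(2/pi) e^{-x/2} sum_{k=1}^{(df-1)/2} x^{k-1/2} / (2k-1)!!
    total = math.erfc(math.sqrt(half))
    term, tail = math.sqrt(x), 0.0
    for k in range(1, (df - 1) // 2 + 1):
        if k > 1:
            term *= x / (2 * k - 1)
        tail += term
    return total + math.sqrt(2.0 / math.pi) * math.exp(-half) * tail


def chi2_goodness_of_fit(observed, expected):
    """Return (statistic, p-value) for observed vs. expected cell counts."""
    if len(observed) != len(expected) or len(observed) < 2:
        raise ValueError("need two or more matching cells")
    stat = sum((o - e) ** 2 / e for o, e in zip(observed, expected))
    return stat, chi2_sf(stat, len(observed) - 1)


def p_values_by_type(counts=COUNTS, names=TYPES):
    """For each row (breach type), test whether its spread across industries
    differs from the spread of all breaches combined (expected = row total
    times each column's share of the grand total)."""
    col_totals = [sum(col) for col in zip(*counts)]
    grand = sum(col_totals)
    result = {}
    for name, row in zip(names, counts):
        expected = [sum(row) * t / grand for t in col_totals]
        result[name] = chi2_goodness_of_fit(row, expected)[1]
    return result


def p_values_by_industry(counts=COUNTS, names=SECTORS):
    """Same test applied to each column (industry) against the row totals."""
    transposed = [list(col) for col in zip(*counts)]
    return p_values_by_type(transposed, names)


def significant(pvalues, alpha=0.05):
    """Names whose p-value is below the chosen probability of error."""
    return sorted(name for name, p in pvalues.items() if p < alpha)


if __name__ == "__main__":
    for label, table in (("Type", p_values_by_type()), ("Industry", p_values_by_industry())):
        print(f"{label:<12} p-value")
        for name, p in table.items():
            print(f"{name:<12} {p:.10f}")
        print("significant at p < 0.05:", ", ".join(significant(table)), "\n")
```

Two practitioner caveats when applying this to a real breach list: the χ² approximation is unreliable when many expected cell counts fall below about 5, which is exactly what happens for sparse sectors such as Agriculture or Mining, and running one test per type plus one per industry is many tests at once, so at p = 0.05 roughly one in twenty would be expected to look significant by chance alone.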
Statistically Significant Observations
Disposal
Processing
Insider
Compromise
Hardware
Documents
Media
Trends: More Data Needed
This Analysis Might Be Useful One Day
Trend charts: Education, Public Administration, Financial, Health
Now What?
How to Use the Taxonomy
• See the full report!
– Distributed to IAPP via I/S Journal
– Available for download from http://web.interhack.com/.
• Report breaches using the taxonomy
• Apply it to your data set of choice; we used the Identity Theft Resource Center's breach list
• We will release updates with more data
How to Apply This Work
See how your industry fares compared with others.
See how your firm fares compared with others in your industry.
Use a common language to discuss how data losses take place.