Analysis of security breaches

Interhack has a study of security breaches by industry and type. The authors categorized 925 security incidents using a taxonomy they developed. They then analyze the incidents by industry and type of incident. Two interesting points were that the Financial industry had the highest percentage of insider attacks and that incidents caused by insiders were more common than those caused by outsiders.

While the bulk of media attention on threats to private information is given to the activity of outside attackers, these breaches account for only approximately 22% of the instances in our data set. More significant is the number and type of breaches caused by people within an organization. Poor procedures, human errors by staff (Processing and Disposal), and the malicious activities of people on the inside of an organization account for greater than 35% of our observations.

Leave a Reply

Your email address will not be published.