Re: CRIME 80/20 Rule

From: Gary Warner (gar@private)
Date: Tue Aug 19 2003 - 17:59:43 PDT

  • Next message: Kuo, Jimmy: "RE: CRIME SOBIG ADVISORY"

    anytime you hear "80 / 20" you can assume someone is inventing
    statistics based on the famous and imaginary "80/20 Rule".
    
    Its not necessarily (ok, not even close to) a scientific sampling, but
    the CSI/FBI Annual Security report has some numbers in this area.
    
    http://i.cmpnet.com/gocsi/db_area/pdfs/fbi/FBI2003.pdf
    
    (You have to fill out a "registration" to get the pdf so they can spam
    you, but its Nice Spam...8-)  )
    
    45% of respondents reported "unauthorized Access by Insiders".  80%
    reported "Insider Abuse of Net Access" 
    
    Specifically with regards to attacks vs. WWW sites, the question "Did
    the attacks come from Inside, Outside, Both, or Don't Know" yielded:
    
     5% inside
    53% outside 
    18% both
    24% don't know
    
    
    _-_
    gar
    



    This archive was generated by hypermail 2b30 : Tue Aug 19 2003 - 18:45:28 PDT