Re: CRIME 80/20 Rule

From: Craig.Schiller@private
Date: Wed Aug 20 2003 - 08:18:36 PDT

Next message: Robert D. Young: "RE: CRIME spreading "good" worms is a very bad idea"

Previous message: Crispin Cowan: "Re: CRIME 80/20 Rule"
Maybe in reply to: Daggett, Steve: "CRIME 80/20 Rule"
Next in thread: Zot O'Connor: "Re: CRIME 80/20 Rule"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This falls in the same category as my favorite statistic.  Year's ago Donn
Parker was quoted in US News and World Reports and subsequently picked up
in many other reputable news media as saying that 85.6 % of all computer
crime goes unreported.  Knowing that Donn doesn't believe in statistics I
asked him where the number came from.  He told me, "I chose 85 to represent
a big number and add the .6 for precision."
<grin>

Craig A Schiller, CISSP
Global Information Security Officer
RadiSys Corporation
craig.schiller@private
503.615.1646


This electronic message contains information which may be confidential,
privileged or otherwise protected from disclosure.  The information is
intended to be used solely by the named recipient(s).  If you are not a
named recipient, any review, disclosure, copying, distribution or use
of this transmission or its contents is prohibited.  If you have received
this transmission in error, please notify me immediately.


|---------+---------------------------->
|         |           Crispin Cowan    |
|         |           <crispin@immunix.|
|         |           com>             |
|         |           Sent by:         |
|         |           owner-crime@private|
|         |           x.edu            |
|         |                            |
|         |                            |
|         |            08/19/2003 10:30|
|         |           PM               |
|         |                            |
|---------+---------------------------->
  >-------------------------------------------------------------------------------------------------------------------------------|
  |                                                                                                                               |
  |       To:       "Daggett, Steve" <Steve.Daggett@private>                                                                   |
  |       cc:       "Crime (E-mail)" <crime@private>                                                                           |
  |       Subject:  Re: CRIME 80/20 Rule                                                                                          |
  >-------------------------------------------------------------------------------------------------------------------------------|




Daggett, Steve wrote:

>  There's an often quoted statistic that 20% of network intrusions come
from
>the outside and 80% intrusions are inside jobs.
>
>  I've heard it, I've read it, I've even said it...  Does anyone know were
>the statistic comes from?  I've been looking around the web and can't seem
>to find an authoritative source for the statistic.
>
It comes from the same place as the statistic that 57.3% of intrusion
statistics are made up, and 21.85% of security statistics are pure FUD :-)

Crispin

--
Crispin Cowan, Ph.D.           http://immunix.com/~crispin/
Chief Scientist, Immunix       http://immunix.com
            http://www.immunix.com/shop/

Next message: Robert D. Young: "RE: CRIME spreading "good" worms is a very bad idea"
Previous message: Crispin Cowan: "Re: CRIME 80/20 Rule"
Maybe in reply to: Daggett, Steve: "CRIME 80/20 Rule"
Next in thread: Zot O'Connor: "Re: CRIME 80/20 Rule"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Aug 20 2003 - 09:26:19 PDT