A Taxonomy of Recent Data Losses
Lee T. Ayres, CISSP
C. Matthew Curtin, CISSP

Malicious hackers tend to steal headlines, but do
their stories correlate to the threats that are most
prevalent in your industry? Reviewing a selection of
publicized security incidents from 2005-2007, we
propose a taxonomy of breaches based on the concept of
the threat/vulnerability pair. We explore the
proportion of incidents of each type in several
broadly defined industries, followed by analysis and
discussion of effective technical, procedural, and
administrative controls. The data and analysis
provided will assist business leaders in making
informed decisions regarding the distribution of
limited information security assets.

About Interhack
Based in Columbus, Ohio, Interhack Corporation is a
professional services firm with clients all over North
America. Founded in 1997 by a team of information
security researchers, Interhack accepted the mission
to make global computing and communications
infrastructures worthy of trust. Interhack's two
practice areas, Information Assurance and Forensic
Computing, support that mission. The company is a
supporting member of The Usenix Association and The
Columbus Symphony Orchestra. Additional information
about Interhack is available at
web.interhack.com.