News from 2011

Interhack news from the year 2011.

Interhack Adds Litigation Perspective to State Cyber Security Symposium

Representatives from agencies of the State of Ohio gather in downtown Columbus for a Cyber Security Symposium in honor of National Cyber Security Awareness Month. Their aim is to meet the challenge to protect state data. Interhack computer security expert Matthew Curtin is invited to speak about strategies to handle data adroitly to defend an entity against security incidents and in litigation.

The meeting is organized by the Ohio Environmental Protection Agency. The program is especially geared toward Chief Information Officers of state agencies in Ohio. 

Electronic discovery is a legal process that now is often supported by information security departments. When security incidents occur organizations suffering from attack often find themselves defending against litigation after the fact. Curtin's discussion Defending Your Agency on the Internet and in the Courtroom will address the process of electronic discovery, the role of technical experts in litigation, and how security departments can provide their agencies with the protection that they need. 

C. Matthew Curtin is the founder of the computer expert firm Interhack. His practice helps attorneys and executives understand and make use of computer technology and relevant data. He works extensively in litigation and IT crisis management throughout the country, often called as an expert witness in criminal, civil, and administrative matters. He is the author of two books on security and cryptography and a Lecturer in the Department of Computer Science and Engineering at The Ohio State University.

Schedule An Interhack Program in Your Organization

Interhack delivers presentations for CLE and CJE credit. If you would like to schedule an Interhack presentation in your association or law firm, please contact us for rates and availability.

About Interhack

Interhack aids executives and attorneys facing challenges and opportunities involving the use of information.  We perform security and privacy assessments, as well as services to work with data in legal proceedings.  Our work is used to find the right questions to ask and the best answers science can provide.  Based in Columbus, Ohio, Interhack supports clients all over North America.  Additional information about Interhack is available at web.interhack.com.

Drilling to Perfect Data Incident Response

Computer expert C. Matthew Curtin discusses preparing organizations for litigation, electronic discovery, and litigation holds at the Ohio Network for Healthcare Information Assurance (ONHIA) meeting on September 22, 2011.

Columbus, OH—Ohio Network for Healthcare Information Assurance (ONHIA) members gather on September 22, 2011 for a triannual members meeting. C. Matthew Curtin, computer scientist and Founder of Interhack Corporation, discusses how to prepare organizations for litigation, electronic discovery, and litigation holds

Electronic discovery throws IT professionals into a legal context—usually unfamiliar territory. The stakes are high where litigation is concerned. The easiest way to avoid pitfalls that can become expensive to address is not only to deploy technology and to develop procedures for using it, but to practice making them work together. Curtin discusses some of the problems that arise frequently, strategies for getting started, and techniques for perfecting electronic discovery projects. 

Register by contacting 

Sean Maziarz
Disaster Recovery Manager
OSU Medical Center IT - Information Security
W: 614.293.2026
Sean.Maziarz@osumc.edu 

 or

Steve Gruetter
Expedient Communications
W: 614-246-0104 C: 614-397-2329
Steve.gruetter@expedient.com

 

Schedule An Interhack Program in Your Organization

Interhack delivers presentations for CLE and CJE credit. If you would like to schedule an Interhack presentation in your association or law firm, please contact us for rates and availability.

About Interhack

Interhack aids executives and attorneys facing challenges and opportunities involving the use of information.  We perform security and privacy assessments, as well as services to work with data in legal proceedings.  Our work is used to find the right questions to ask and the best answers science can provide.  Based in Columbus, Ohio, Interhack supports clients all over North America.  Additional information about Interhack is available at web.interhack.com.

Online Seminar: Health Care Incident Response

Computer science expert Matt Curtin shows how to apply results of Interhack's original, published data loss research to health care organizations preparing for data incidents, including litigation holds and electronic discovery.

Columbus, OH—Incidents in healthcare come from many sources: malicious software, insiders, attackers, and even attorneys bringing litigation. Preparation is the key to avoiding and losing costly battles. Computer security expert Matt Curtin shows how to apply results of Interhack's original, published data loss research Using Science to Combat Data Loss: Analysis of Breaches by Type and Industry to health care organizations desiring to prepare. 

The Nebraska Hospital Association hosts the online seminar on September 19, 2011. Chief Information Officers, Directors of Information Systems, General Counsel, and others with responsibility for handling incidents will find the seminar extremely instructive. 

Attendees will learn how

  1. to identify critical issues arising in a particular incident, 
  2. to prepare the organization for handling incidents properly, and
  3. to demonstrate the ability to work through incidents.

Through the expert consulting and litigation support practice he leads at Interhack, Curtin regularly appears as an expert witness in criminal, civil, and administrative matters, showing how scientific analysis can be used to answer questions about technology and electronically stored information. Many of those matters revolve around data breaches, and Curtin frequently opines as to the privacy of data and how well the host organization was fulling it's duty to secure that privacy. He is also a Lecturer in the Department of Computer Science and Engineering at The Ohio State University. 

Register

Anyone may create an account and register for the Web seminar at the nhanet.org Web site. The cost is $195 per connection. An unlimited number of people may attend a single connection—excellent for enterprises and healthcare and hospital associations. 

For assistance with the online seminar, please contact 

Jon Borton, Vice President, Educational Services 

Nebraska Hospital Association 

3255 Salt Creek Circle, Suite 100 

Lincoln, NE 68504 

(402) 742-8147 

jborton@nhanet.org 

 

Schedule An Interhack Program in Your Organization

Interhack delivers presentations for CLE and CJE credit. If you would like to schedule an Interhack presentation in your association or law firm, please contact us for rates and availability.

About Interhack

Interhack aids executives and attorneys facing challenges and opportunities involving the use of information.  We perform security and privacy assessments, as well as services to work with data in legal proceedings.  Our work is used to find the right questions to ask and the best answers science can provide.  Based in Columbus, Ohio, Interhack supports clients all over North America.  Additional information about Interhack is available at web.interhack.com.

Interhack Presents Defensible Forensic Collection for International Legal Technology Association

(September 12, 2011) Litigation technology support specialists from around Ohio gather at the International Legal Technology Association state-wide regional meeting in Columbus, Ohio. Computer science expert Matthew Curtin is invited to speak on issues surrounding preservation of electronic stored information for use in adjudication.

Columbus, OH—Litigation technology support specialists from around Ohio gather at the International Legal Technology Association (ILTA) state-wide regional meeting in Columbus, Ohio on September 12, 2011. Computer science expert Matthew Curtin is invited to speak on issues surrounding preservation and handling of electronic stored information for use in adjudication. 

Litigation technology support specialists encounter electronic evidence daily. Curtin's session helped attendees understand the implications of various methods of handling the data.

Cutin provided two articles as source material for the discussion. Discovery Beyond Documents tells the story of a wrongful death suit he worked on and the discovery process in that case. The second, Electronic Discovery of Mobile Devices gives some background about the ability to assess data in electronic form and then jumps into a discussion of what kind of information we can extract from devices and the data that they produce. (A copy of this publication can be obtained by contacting Interhack.)

C. Matthew Curtin is the founder of the computer expert firm Interhack. His practice helps attorneys and executives understand and make use of computer technology and relevant data. He works extensively in litigation and IT crisis management throughout the country, often called as an expert witness in criminal, civil, and administrative matters. He is the author of two books and a Lecturer in the Department of Computer Science and Engineering at The Ohio State University.

Schedule An Interhack Program in Your Organization

Interhack delivers presentations for CLE and CJE credit. If you would like to schedule an Interhack presentation in your association or law firm, please contact us for rates and availability.

About Interhack

Interhack aids executives and attorneys facing challenges and opportunities involving the use of information.  We perform security and privacy assessments, as well as services to work with data in legal proceedings.  Our work is used to find the right questions to ask and the best answers science can provide.  Based in Columbus, Ohio, Interhack supports clients all over North America.  Additional information about Interhack is available at web.interhack.com.

Interhack Presents Integrity in Digital Evidence at Ohio Judicial College

(September 9, 2011) Scores of Ohio judges convened in Columbus on September 8-9 for the 2011 Ohio Judicial College Annual Meeting. Computer science expert C. Matthew Curtin addresses the audience in his session Integrity in Digital Evidence: Rendering Judgment on an Electronic Record.

Columbus, OH—Scores of Ohio judges convened in Columbus on September 8-9 for the 2011 Ohio Judicial College Annual Meeting. Computer science expert C. Matthew Curtin addresses the audience in his session Integrity in Digital Evidence: Rendering Judgment on an Electronic Record

"Our present rush to electronic information systems presents us with a challenge unique to our time: how to ensure the authenticity of an electronic record that costs essentially nothing to modify." — C. Matthew Curtin, Founder, Interhack Corp.

Man's present rush to electronic information systems presents us with a challenge unique to our time: how to ensure the authenticity of an electronic record that costs essentially nothing to modify. Judges and juries are presented more and more with evidence in digital format. This session examines the implications and helps judges the understanding necessary to render judgement on electronic records.

Matt Curtin is the Founder of Interhack Corporation—a computer experts firm—and a Lecturer in the Ohio State University's Department of Computer Science and Engineering. A technologist from childhood, Curtin has been applying his expertise in the science of computing to legal matters for over a decade, appearing as an expert witness in matters like the Pharmatrak Privacy Litigation in which the First Circuit U.S. Court of Appeals relied on his opinion to define was is considered protected “content” on the Web under ECPA. 

Schedule An Interhack Program in Your Organization

Interhack delivers presentations for CLE and CJE credit. If you would like to schedule an Interhack presentation in your association or law firm, please contact us for rates and availability.

About Interhack

Interhack aids executives and attorneys facing challenges and opportunities involving the use of information.  We perform security and privacy assessments, as well as services to work with data in legal proceedings.  Our work is used to find the right questions to ask and the best answers science can provide.  Based in Columbus, Ohio, Interhack supports clients all over North America.  Additional information about Interhack is available at web.interhack.com.

Drilling to Perfect E-Discovery

(June 8, 2011) Computer expert C. Matthew Curtin leads the discussion at an interactive e-discovery seminar at Technology First in Dayton, Ohio to prepare organizations for litigation, electronic discovery, and litigation holds.

Columbus, OH—Dayton area IT leaders gathered on June 8, 2011 for an interactive seminar to learn how to prepare their organizations for litigation, electronic discovery, and litigation holds.  The event is led by C. Matthew Curtin, computer scientist and Founder of Interhack Corporation, a computer science expert firm. 

The event will be led by C. Matthew Curtin, one of the most popular speakers that Technology First has ever hosted.—Technology First

Electronic discovery throws IT professionals into a legal context—usually unfamiliar territory. The stakes are high where litigation is concerned. The easiest way to avoid pitfalls that can become expensive to address is not only to deploy technology and to develop procedures for using it, but to practice making them work together. Curtin discusses some of the problems that arise frequently, strategies for getting started, and techniques for perfecting electronic discovery projects. 

Schedule An Interhack Program in Your Organization

Interhack delivers presentations for CLE and CJE credit. If you would like to schedule an Interhack presentation in your association or law firm, please contact us for rates and availability.

About Interhack

Interhack aids executives and attorneys facing challenges and opportunities involving the use of information.  We perform security and privacy assessments, as well as services to work with data in legal proceedings.  Our work is used to find the right questions to ask and the best answers science can provide.  Based in Columbus, Ohio, Interhack supports clients all over North America.  Additional information about Interhack is available at web.interhack.com.

Cloud Computing Presents Legal and Data Security Challenges

(May 5, 2011) Over 1,000 attorneys gather at the Hyatt Regency in Columbus, Ohio on May 4-6, 2011 for the Ohio State Bar Association Annual Meeting. Computer science expert Matthew Curtin discusses how to prevent and mitigate data breaches at the Corporate Counsel Section seminar Cloud Computing: Navigating The Legal Fog.

Columbus, OH—Over 1,000 attorneys gather at the Hyatt Regency in Columbus, Ohio on May 4-6, 2011 for the Ohio State Bar Association Annual Meeting. Computer science expert witness Matthew Curtin is invited to speak at the Corporate Counsel Section seminar Cloud Computing: Navigating The Legal Fog. Karen Hockstad, Esq. of Shumaker Loop & Kendrick moderates the discussion between panelists Alan Wernick, Esq. of FSB FisherBroyles, LLP, and Curtin, Founder, Interhack Corporation. 

“Understanding two truths can help us to be successful in our use of computers, including cloud services: computer systems fail and people make mistakes.” —C. Matthew Curtin, Founder, Interhack Corp.

Cloud computing is an integral part of the evolving IT strategy in businesses today and presents many legal/business risks and opportunities. This seminar examines some of the legal, ethical, and technical implications of cloud computing. 

After laying a foundation as to the nature of cloud computing, the panel will discuss some of the key advantages and legal issues confronting users of the cloud computing model. Alan Wernick speaks to key contract provisions in cloud computing contracts and how to handle legal compliance in the cloud. Matt Curtin covers how to be prepared to respond to incidents and how to mitigate the damage when they do occur. Based on Interhack's data breach research, Curtin can even show how different industries are most likely to lose data. 

Matt Curtin is the Founder of Interhack Corporation—a computer experts firm—and a Lecturer in the Ohio State University's Department of Computer Science and Engineering. A technologist from childhood, Curtin has been applying his expertise in the science of computing to legal matters for over a decade, appearing as an expert witness in matters like the Pharmatrak Privacy Litigation in which the First Circuit U.S. Court of Appeals relied on his opinion to define was is considered protected “content” on the Web under ECPA. 

For more than two decades, Alan Wernick has practiced law in the areas of information technology and intellectual property. He has represented clients before the United States Supreme Court and is a contributor to Chicago Lawyer and National Law Journal

Schedule An Interhack Program in Your Organization

Interhack delivers presentations for CLE and CJE credit. If you would like to schedule an Interhack presentation in your association or law firm, please contact us for rates and availability.

About Interhack

Interhack aids executives and attorneys facing challenges and opportunities involving the use of information.  We perform security and privacy assessments, as well as services to work with data in legal proceedings.  Our work is used to find the right questions to ask and the best answers science can provide.  Based in Columbus, Ohio, Interhack supports clients all over North America.  Additional information about Interhack is available at web.interhack.com.

Interhack Supports the Ohio State Bar Association Annual Convention

(May 5-6, 2011) Over 1,000 attorneys gather at the Hyatt Regency in Columbus, Ohio on May 4-6, 2011 for the Ohio State Bar Association Annual Meeting. Interhack showcases its computer expert services. Attorneys hear computer science expert Matt Curtin describe how to help clients mitigate data breaches in the cloud and how to use Rule 26 computer experts to ensure competent e-discovery.

Columbus, OH—Interhack returns to support the Ohio State Bar Association's Annual Convention in Columbus, Ohio, on May 5-6, 2011. Attorneys attending the Corporate Counsel Section seminar Cloud Computing: Navigating The Legal Fog learn how to help their clients prevent and mitigate data breaches particular to cloud computing.

Attorneys have the opportunity to visit Interhack's booth and find out how to use Rule 26 computer expert witnesses:

  • to help ensure counsel is asking for and receiving the right data,
  • to ensure defensible discovery procedures and execution, and
  • to provide strategies and protocols to keep costs down.

About Interhack

Interhack aids executives and attorneys facing challenges and opportunities involving the use of information.  We perform security and privacy assessments, as well as services to work with data in legal proceedings.  Our work is used to find the right questions to ask and the best answers science can provide.  Based in Columbus, Ohio, Interhack supports clients all over North America.  Additional information about Interhack is available at web.interhack.com.

Computer Scientist Shares Experience Rebutting Opposing Experts' Opinions

(April 15, 2011) Computer science expert C. Matthew Curtin presents Persuasively Rebutting Opposing Experts’ Opinions at SEAK National Expert Witness Conference in Naples, Florida.

Columbus, OH—On April 15, 2011, computer science expert C. Matthew Curtin presents Persuasively Rebutting Opposing Experts’ Opinions at SEAK National Expert Witness Conference in Naples, Florida.  Curtin explains the correct and incorrect ways to rebut an opposing expert’s opinions—both in a written report and when testifying at deposition and trial. He details best practices in analyzing an opposing expert’s report and preparing retaining counsel for cross-examination. Further, Curtin describes and explains how an expert can recognize and seize an opportunity to make his point when presented by an opposing expert and how to recognize when an opposing expert’s analysis is immaterial to the issue at hand. 

Curtin's career in expert litigation consulting and testimony was born in the late 1990s when counsel discovered his research about online privacy and security and began asking him to explain the meaning of electronic stored information in their own litigation. Application of the scientific rigor he was accustomed to in research served him and his clients well in the courtroom. 

Schedule An Interhack Program in Your Organization

Interhack delivers presentations for CLE and CJE credit. If you would like to schedule an Interhack presentation in your association or law firm, please contact us for rates and availability.

About Interhack

Interhack aids executives and attorneys facing challenges and opportunities involving the use of information.  We perform security and privacy assessments, as well as services to work with data in legal proceedings.  Our work is used to find the right questions to ask and the best answers science can provide.  Based in Columbus, Ohio, Interhack supports clients all over North America.  Additional information about Interhack is available at web.interhack.com.

ABA Business Law Section Seeks Expertise of Interhack Computer Science

(April 14, 2011) Interhack Corporation computer scientist C. Matthew Curtin brings expertise to bear at the ABA Business Law Section Spring Meeting in Boston, Massachusetts regarding Electronic Health Records.

Columbus, OH—Interhack computer science expert Matthew Curtin will participate in the panel discussion Healthcare Reform and the Cost of Electronic Health Records (EHRs) at the American Bar Association (ABA) Business Law Section Spring Meeting in Boston, Massachusetts. Nearly 1500 attorneys will gather there on April 14-16, 2011. 

"From data breaches to availability failures, and from misplaced focus to litigation, failures can be costly. We have been working with IT long enough now that we have a good sense not only for its benefits but how it fails." —C. Matthew Curtin, Founder Interhack Corp.

Curtin's understanding and advising as to how systems like EHRs actually work informs the discussion. He provides context showing how to avoid repeating IT's mistakes of the past in the deployment of EHRs. 

For over a decade, attorneys have relied on Curtin's opinion to inform their strategy in all manner of adjudication—civil plaintiffs actions, data breaches, insurance fraud, employment matters, and criminal defense cases. 

Schedule An Interhack Program in Your Organization

Interhack delivers presentations for CLE and CJE credit. If you would like to schedule an Interhack presentation in your association or law firm, please contact us for rates and availability.

About Interhack

Interhack aids executives and attorneys facing challenges and opportunities involving the use of information.  We perform security and privacy assessments, as well as services to work with data in legal proceedings.  Our work is used to find the right questions to ask and the best answers science can provide.  Based in Columbus, Ohio, Interhack supports clients all over North America.  Additional information about Interhack is available at web.interhack.com.

Computer Scientist Prepares Law Students for Best Use of Experts

(March 28, 2011) Interhack scientist Matthew Curtin appears as an expert in federal and state courts. He visits Case Western Reserve University School of Law to share his experience regarding the best use of expert witnesses in adjudication.

Columbus, OH—Computer science expert Matthew Curtin visits Case Western Reserve University School of Law in Cleveland, Ohio on March 28, 2011 to prepare law students to make the best use of expert witnesses in adjudication. Attorneys understand that successful argumentation requires mastery of the facts. When the facts are electronic, they must rely on the opinion of computer experts. 

There are a lot of options for handling electronic stored information (ESI) in litigation these days. There are endless software platforms, tools, certifications, electronic discovery vendors, and practitioners of forensic computing. The last thing that attorneys need to hear is that “the system doesn’t do” what they need. An expert can help counsel to avoid that position.

Mr. Curtin has been appearing as an expert witness in federal and state courts for over a decade. His opinions, backed by the technical analysis of his teams, have impacted results in litigation from class action suits regarding online privacy to criminal defense cases where electronic stored information is in question. With this history of application of computer science, Mr. Curtin demonstrates to Case Western Reserve law students the power of unassailable opinion.

Schedule An Interhack Program in Your Organization

Interhack delivers presentations for CLE and CJE credit. If you would like to schedule an Interhack presentation in your association or law firm, please contact us for rates and availability.

About Interhack

Interhack aids executives and attorneys facing challenges and opportunities involving the use of information.  We perform security and privacy assessments, as well as services to work with data in legal proceedings.  Our work is used to find the right questions to ask and the best answers science can provide.  Based in Columbus, Ohio, Interhack supports clients all over North America.  Additional information about Interhack is available at web.interhack.com.

Health Care Incident Response

(February 22, 2011) Interhack Founder Matthew Curtin returns to HIMSS Annual Conference in February 2011 to discuss data breach incident response in the health care industry. Curtin presents Healthcare Incident Response at 8:30AM EST on February 22 at the Orange County Convention Center.

Columbus, OH—Interhack Founder Matthew Curtin returns to HIMSS Annual Conference in February 2011 to discuss data breach incident response in the health care industry. Curtin presents Healthcare Incident Response at 8:30AM EST on February 22 at the Orange County Convention Center in Orlando, Florida. 

As information security and litigation both place demands on the organization to preserve and to produce critical data for analysis, the sensitivity of information such as patient records presents a variety of challenges. In the course of handling electronic discovery, security breaches, and other unplanned events, practitioners observe common issues that can help organizations to do a better job of responding to unplanned events. 

In responding to an incident, the relevant data must first be identified, as well as requirements for use of the data, then methods for preservation of the data. Data preservation methods bring with them certain consequences that may affect other classes of information. Managing information under such circumstances becomes paramount, to ensure that the correct information gets to the people who need it to make critical decisions while at the same time protecting the privacy of confidential and otherwise protected information. 

Fast-moving and high-stakes situations are no time for improvising methods to address known issues. Decisions made in the moment will be judged with 20/20 hindsight potentially years after the fact. 

In the approach we recommend, organizations need to prepare methods for handling incidents that include triage of incident type, methods to scramble the correct groups of people, and tested tools and techniques to address the issues raised by the situation. 

We present specific items for organizations to ensure that they have included in their incident response plans, unique to healthcare. 

Information and registration for HIMSS11 can be found at http://www.himssconference.org.

Schedule An Interhack Program in Your Organization

Interhack delivers presentations for CLE and CJE credit. If you would like to schedule an Interhack presentation in your association or law firm, please contact us for rates and availability.

About Interhack

Interhack aids executives and attorneys facing challenges and opportunities involving the use of information.  We perform security and privacy assessments, as well as services to work with data in legal proceedings.  Our work is used to find the right questions to ask and the best answers science can provide.  Based in Columbus, Ohio, Interhack supports clients all over North America.  Additional information about Interhack is available at web.interhack.com.

Matt Curtin Tells Crypto War Stories at Ohio University

(February 1, 2011) Matt Curtin presents "Cracking the Data Encryption Standard" to the student group Telecommunications Systems Management Association (TSMA) at Ohio University. He discusses breaking the then government standard for data encryption, including the impact on U.S. policy for its use.

Columbus, OH—Cryptographer and computer science expert Matt Curtin presents "Cracking the Data Encryption Standard" to the student group Telecommunications Systems Management Association (TSMA) at Ohio University. He discusses breaking the then government standard for data encryption, including the impact on U.S. policy for its use. 

Curtin is one of the coordinators of the DESCHALL project sponsored by RSA that broke a secret message encrypted with what was then the government standard. In his book Brute Force: Cracking the Data Encryption Standard, Curtin presents a unique insider view of how the project came together and what happened behind the scenes to demonstrate the weakness of the standard and ultimately to usher in the age of unrestricted cryptography.

Schedule An Interhack Program in Your Organization

Interhack delivers presentations for CLE and CJE credit. If you would like to schedule an Interhack presentation in your association or law firm, please contact us for rates and availability.

About Interhack

Interhack aids executives and attorneys facing challenges and opportunities involving the use of information.  We perform security and privacy assessments, as well as services to work with data in legal proceedings.  Our work is used to find the right questions to ask and the best answers science can provide.  Based in Columbus, Ohio, Interhack supports clients all over North America.  Additional information about Interhack is available at web.interhack.com.

Beyond Simple Compliance: Using Data-driven Prioritization of Controls

(January 13, 2011) Are all information security controls created equal? Interhack Founder Matthew Curtin presents an update to Interhack original research Using Science to Combat Data Loss: Analyzing Breaches by Type and Industry. Curtin addresses Central Ohio ISACA members on Thursday January 13, 2011.

Columbus, OH—Are all information security controls created equal? Interhack Founder Matthew Curtin presents an update to Interhack original research Using Science to Combat Data Loss: Analysis of Breaches by Type and Industry. Curtin addresses Central Ohio ISACA members on Thursday January 13, 2011. 

Curtin shows how context can demonstrate the need for prioritization among controls enumerated in frameworks such as the ISO 27002, NIST SP800-53, and CobiT. The context is Interhack research classifying data breaches and analyzed to show the relationships between reported breach types and the industries in which they're found. 

Working through the Identity Theft Resource Center's list of reported data breaches, Curtin and coauthor Lee Ayres applied the previously-published Interhack Breach Taxonomy and the breach taxonomy key to identify type. Using the 2002 North American Industry Classification System, they classified each report by industry.

This research shows that the Health Care and Social Assistance sector reported a larger than average proportion of lost and stolen computing hardware, but reported an unusually low proportion of compromised hosts. Educational Services reported a disproportionately large number of compromised hosts, while insider conduct and lost and stolen hardware were well below the proportion common to the set as a whole. Public Administration’s proportion of compromised host reports was below average, but their share of processing errors was well above the norm. The Finance and Insurance sector experienced the smallest overall proportion of processing errors, but the highest proportion of insider misconduct.

“As we look beyond simple compliance with control requirements to good risk management, we can speak meaningfully about likelihood of various types of events occurring, and how that affects how organizations prioritize their defensive resources.” 
—C. Matthew Curtin, Founder Interhack Corp.

Information about registration and attendance can be found online at http://www.isaca-centralohio.org

Schedule An Interhack Program in Your Organization

Interhack delivers presentations for CLE and CJE credit. If you would like to schedule an Interhack presentation in your association or law firm, please contact us for rates and availability.

About Interhack

Interhack aids executives and attorneys facing challenges and opportunities involving the use of information.  We perform security and privacy assessments, as well as services to work with data in legal proceedings.  Our work is used to find the right questions to ask and the best answers science can provide.  Based in Columbus, Ohio, Interhack supports clients all over North America.  Additional information about Interhack is available at web.interhack.com.