Automated Retrieval of Security Statistics from the World Wide Web
Loading...
Authors
McVicker, Michael
Avellino, Paul
Rowe, Neil C.
Subjects
Advisors
Date of Issue
2007-03-07
Date
March 7, 2007
Publisher
Monterey, California. Naval Postgraduate School
Language
Abstract
Many statistics pertaining to information security are cited with little supporting evidence. Consider the fraction of cyber-attacks due to insiders. The U.S. Secret Service in 1996 estimated 60%, Network World in 2000 estimated 70% to 90% for “corporate networks” (and said only 1 in 50 attacks is detected), Deloitte and Touche gave it as 35% in 2004 in a study of the financial industry, a CERT briefing in 2005 gave it as 20%, a Carnegie-Mellon report in 2004 gave it as 39%, and the CSI/FBI annual survey for 2006 estimated that 26% of financial losses anyway came from insiders. Which should we believe? The figures are based on different data collection methods and some are more reliable than others. Most do not adequately identify their sources.
Type
Conference Paper
Series/Report No
Department
Organization
National Science Foundation (U.S.)
Identifiers
NPS Report Number
Sponsors
Supported in part by the National Science Foundation under the Cyber Trust Program.
Funder
Format
Citation
Proceedings of the 8th IEEE Workshop on Information Assurance, West Point, NY, June 2007
Distribution Statement
Approved for public release; distribution is unlimited.