Data breaches have a lognormal distribution

[security curmudgeon <jericho () attrition org>]

http://superconductor.voltage.com/2009/05/data-breaches-have-a-lognormal-distribution.html

Tuesday, May 12, 2009
Data breaches have a lognormal distribution
- Luther Martin

In many parts of information security, there's very little reliable data 
that you can use to help you make decisions. For data breaches, however, 
there's a fair amount of data available, and you can get a database of 
almost 2,000 data breaches from the Open Security Foundation at their web 
site datalossdb.org. There's lots of information in this database, and it 
shows some interesting patterns. In particular, here's what you see if you 
plot the number of records ("TotalAffected" in the OSF database) 
compromised by each breach from 2006 to the present. It's hard to see a 
pattern in this data.

[..]

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php