I’ve given Vz’s DBIR a quick perusal. The data are interesting indeed and the recommendations are obvious. There is little new here in the way of recommendations – I guess nobody is listening or the controls are ineffective (or a bit of both). Regardless, I have a few items that confuse and irritate me a [...]
The Microsoft SIR was released 4/8 and is available for download here. Some of the interesting stuff they put in graphs is from the Open Security Foundation’s OSF Data Loss Database (http://datalossdb.org). Among the interesting things in the Microsoft SIR: Good old theft and losing equipment, when combined, still beats the sexier categories hands down. [...]
The WSJ has an article up today about how the Russians and Chinese are mapping the US electirical grid. What I thought was more interesting was the graph they used (which is only mildly related to the article itself). If I’m reading this correctly, the DHS is claiming that there were just under 70,000 breaches [...]