To distort a phrase from media criticism: if it HEARTBLEEDS, it leads. I have no proof of this, but I am guessing that the number of journalists that now have experience writing about cybersecurity events has increased dramatically in the past year.
Big breaches have always been news, but with a cluster of them occurring recently and a growing sophistication on the part of the public around what is going on with cyber-crime, coverage of these breaches is getting more expansive. Used to be you had an article about a breach that was focused on the impacted company’s breach announcement and that was the end of it. Now we have experts talking about things like “attribution” and multiple press releases from the companies that are impacted. Even when South Carolina got breached in 2012, apart from the governor’s news conference, there was hardly any mention in the press of “attribution.”
Like the guy selling chestnuts on the corner of 230th Street and Kingsbridge Avenue in the Bronx when I was growing up might have said: “I gots no problem wid dat.”
I’m actually looking forward to the next step. I am a data geek (Alex Hutton once called me a data scientist, but I’m not that well trained) and I can see the analysis on the horizon.
Consider that there might now be millions of people out there who have been offered credit monitoring services due to one data breach or another. The analysis is what is known as a “waterfall” analysis:
- Number of people who receive credit monitoring services
- Of those, number of people who received it as a result of a free offer they received due to a breach
- Of those, number of people who get an alert
And of course, there is the companion analysis:
- Number of people who receive credit monitoring services
- Of those, number of people who received it NOT as a result of a free offer they received due to a breach
- Of those, number of people who get an alert
When you compare the ratio of 3:2 to 6:5 (numbering the items in the two lists above 1 through 6, so that each ratio is the number of people who get an alert over the number of people in that group), then you would get some idea of the impact of the breach on the individuals whose data was breached. It would be an approximation because not everyone offered will take the service and not every impact one experiences causes an alert on a monitoring service. And not every alert for people who get the service as a result of a breach will be related to the breach.
But as a back-of-the-envelope look at things, it would be pretty interesting (are you listening, Dr. Ponemon?).