A quick check on breach size distribution

Mike Roytman of RiskI/O argued in a recent BSides Las Vegas presentation that power law distributions are often far more useful when modeling incident impact than the more commonly used normal distribution (and certainly more useful than point estimates of central tendency, like median or mean).

He presented some empirical evidence of his own for this claim, and – as a good presenter does – got me thinking. Grabbing some nearby data from 110 breaches of known size involving NY firms in 2006 (which I gathered via FOIA and used in a FIRST presentation), I was able to pretty quickly crank out a pretty graphic.

Lo and behold, I do believe the gentleman is on to something. And it was fun to put the old data to new use.

[Figure: Rplot-pow.png]
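
A small version of this kind of check, added here as an illustration and not the author's code or data: it fits both a power law and a normal distribution to a constructed sample of 110 sizes and compares log-likelihood and tail probability. The sample (evenly spaced power-law quantiles), `alpha=2.0`, `xmin=100` and the 10,000-record threshold are all assumed values.

```python
import math

def constructed_sizes(n=110, alpha=2.0, xmin=100.0):
    """Constructed sample: evenly spaced quantiles of a continuous power law
    p(x) ~ x^-alpha on x >= xmin. Stand-in data, not the post's breach records."""
    return [xmin * (1.0 - (i + 0.5) / n) ** (-1.0 / (alpha - 1.0)) for i in range(n)]

def fit_power_law(xs, xmin):
    """Maximum-likelihood exponent for the tail x >= xmin, plus its log-likelihood."""
    tail = [x for x in xs if x >= xmin]
    s = sum(math.log(x / xmin) for x in tail)
    alpha = 1.0 + len(tail) / s
    return alpha, len(tail) * math.log((alpha - 1.0) / xmin) - alpha * s

def fit_normal(xs):
    """Maximum-likelihood mean and standard deviation, plus the log-likelihood."""
    n = len(xs)
    mu = sum(xs) / n
    var = sum((x - mu) ** 2 for x in xs) / n
    return mu, math.sqrt(var), -0.5 * n * (math.log(2 * math.pi * var) + 1.0)

def normal_sf(x, mu, sigma):
    """P(X > x) for a normal distribution (survival function)."""
    return 0.5 * math.erfc((x - mu) / (sigma * math.sqrt(2.0)))

def compare(xs, xmin, threshold):
    """Fit both models; report fit quality and P(size > threshold) under each."""
    alpha, ll_pl = fit_power_law(xs, xmin)
    mu, sigma, ll_n = fit_normal(xs)
    return {
        "alpha": alpha,
        "loglik_power_law": ll_pl,
        "loglik_normal": ll_n,
        "tail_empirical": sum(x > threshold for x in xs) / len(xs),
        "tail_power_law": (threshold / xmin) ** (1.0 - alpha),
        "tail_normal": normal_sf(threshold, mu, sigma),
        # A normal fit to heavy-tailed sizes puts real mass on impossible negatives.
        "normal_mass_below_zero": 1.0 - normal_sf(0.0, mu, sigma),
    }

if __name__ == "__main__":
    for key, value in compare(constructed_sizes(), 100.0, 10_000.0).items():
        print(f"{key:24s} {value:.6g}")
```

On this constructed sample the normal fit understates the chance of a breach above the threshold by orders of magnitude and assigns a large share of probability to negative sizes, while the power-law estimate stays close to the observed frequency.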
