From: Dennis Opacki (DOpackiCovestic.com)
Date: Wed Oct 11 2006 - 13:51:18 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I believe that what we are talking about here is "root cause analysis". Unfortunately, getting to the root cause of the event often requires a degree of sophistication and communication uncommon in companies experiencing data breaches. I usually send people interested in this sort of analysis to Rooney and Vanden Huevel's write-up[1]. While focused on quality control, it gives some good direction on causal factor charting and root cause identification. I have had luck in the past adapting it to computer security applications.

-Dennis

[1] http://www.asq.org/pub/qualityprogress/past/0704/qp0704rooney.pdf

From: B.K. DeLong
Sent: Wed 10/11/2006 11:02 AM
To: Al Mac
Cc: datalossattrition.org
Subject: Re: [Dataloss] security breaches as a result of email

On 10/11/06, Al Mac <macwheel99sigecom.net> wrote:
The data base has coding http://attrition.org/dataloss/dldoskey.html as to
nature of breach that could narrow you down to this kind of relevance, but
this is something that continues to evolve, and be improved upon by
feedback here. I do not see in the chart a coding for the nature of the
breach:
* laptop gone missing
* dumpster diving
* hacker broke in
* data managers must have been computer illiterates
* data managers must have been privacy illiterates
* e-mail stupidity
* etc.
so if you do a search of the raw data, looking for "e-mail" you going to
get a lot of hits that what was breached was person's e-mail address

You make a good point - this is definitely something else we should be tracking in the DLDOS.

_______________________________________________
Dataloss Mailing List (datalossattrition.org)
http://attrition.org/dataloss
Tracking more than 136 million compromised records in 416 incidents over 6 years.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]