[Dataloss] security breaches as a result of email

[Dennis Opacki]

I believe that what we are talking about here is "root cause analysis". Unfortunately, getting to the root cause of the event often requires a degree of sophistication and communication uncommon in companies experiencing data breaches. I usually send people interested in this sort of analysis to Rooney and Vanden Huevel's write-up[1]. While focused on quality control, it gives some good direction on causal factor charting and root cause identification. I have had luck in the past adapting it to computer security applications.

-Dennis

[1] http://www.asq.org/pub/qualityprogress/past/0704/qp0704rooney.pdf 



From: B.K. DeLong
Sent: Wed 10/11/2006 11:02 AM
To: Al Mac
Cc: dataloss at attrition.org
Subject: Re: [Dataloss] security breaches as a result of email





On 10/11/06, Al Mac <macwheel99 at sigecom.net> wrote: 
The data base has coding http://attrition.org/dataloss/dldoskey.html as to
nature of breach that could narrow you down to this kind of relevance, but
this is something that continues to evolve, and be improved upon by 
feedback here.  I do not see in the chart a coding for the nature of the
breach:
* laptop gone missing
* dumpster diving
* hacker broke in
* data managers must have been computer illiterates
* data managers must have been privacy illiterates 
* e-mail stupidity
* etc.
so if you do a search of the raw data, looking for "e-mail" you going to
get a lot of hits that what was breached was person's e-mail address


You make a good point - this is definitely something else we should be tracking in the DLDOS. 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://attrition.org/pipermail/dataloss/attachments/20061011/38c17d14/attachment.html