David Litchfield's Weblog


11/01/2007: "Inadvertent exposure at root of most breaches?"


I've been analysing publicised breaches as part of my research for my upcoming talk at the Information Security Decisions conference in Chicago next Tuesday. Since January 1st 2007, the single largest contributing cause of electronic breaches is not hacking or insider malice but simply inadvertent exposure. Here are the details.

Word documents and spreadsheets mistakenly left on a web server or indexed by a search engine account for 20.6% of the 276 breaches, both physical and digital, recorded up to the 23rd of October. This means that a fifth of the breach problem could be solved if companies actively and regularly hunted out such leftover documents themselves.

Another aspect of the review of breaches is that many of the discoveries appear to have been made by well-meaning members of the public who found them by accident. This indicates that the real number of breaches is considerably higher: criminals, who we know are actively seeking out such information, aren't going to inform anyone about what they find. The same is true of breaches due to compromise: the number must be higher.

Whilst it's impossible to say exactly how many compromises go unnoticed, it's easy to ascertain how many go unnoticed for a "long time" before eventually coming to light, for example through an audit or an investigation of fraudulent activity. That this happens indicates that not all companies have the means to detect a compromise as and when it happens, which supports the case that compromises go unnoticed.
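A defender's check for the leftover documents the post describes, as an added example that is not part of the original post: it walks a web server's document root, lists every Word document or spreadsheet it finds, and flags those not on an allow-list of deliberately published files. The sample web-root layout, file names and allow-list are constructed for the demonstration.

```python
"""Inventory office documents under a web server's document root.

Added example, not from the original post. The sample layout below is
constructed; point find_office_documents() at a real document root to
run the same check regularly.
"""
import os
import tempfile

# File types the post singles out: Word documents and spreadsheets.
OFFICE_EXTENSIONS = {".doc", ".docx", ".xls", ".xlsx", ".csv"}


def find_office_documents(webroot):
    """Return sorted paths (relative to webroot) of office documents found."""
    found = []
    for dirpath, _dirs, files in os.walk(webroot):
        for name in files:
            # Compare extensions case-insensitively: payroll.XLSX still counts.
            if os.path.splitext(name)[1].lower() in OFFICE_EXTENSIONS:
                full = os.path.join(dirpath, name)
                found.append(os.path.relpath(full, webroot).replace(os.sep, "/"))
    return sorted(found)


def unexpected_documents(webroot, allowlist):
    """Documents present under webroot that nobody meant to publish."""
    allowed = set(allowlist)
    return [p for p in find_office_documents(webroot) if p not in allowed]


def build_sample_webroot():
    """Create a constructed web root mixing published and leftover files."""
    root = tempfile.mkdtemp(prefix="webroot-")
    layout = {
        "index.html": "<html></html>",
        "downloads/brochure.docx": "published marketing document",
        "reports/Q3_customers.xls": "customer list left behind after a migration",
        "tmp/payroll.XLSX": "spreadsheet forgotten in a scratch directory",
        "images/logo.png": "not an office document",
    }
    for rel, body in layout.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write(body)
    return root


if __name__ == "__main__":
    root = build_sample_webroot()
    allowed = ["downloads/brochure.docx"]  # the only document meant to be public
    for doc in unexpected_documents(root, allowed):
        print("unexpected office document:", doc)
```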