By Wade Baker

“Attacks vary, therefore risk management doesn’t work.” To be fair, that’s not a direct quote from a recent Dark Reading article entitled “Why Risk Management Doesn’t Work”, but it is an accurate expression of its message. Like us (and Alex Hutton of RMI), you may be thinking that something about that message doesn’t seem quite right. Congratulations – you’re a logician.

Non sequitur is a Latin phrase meaning “it does not follow.” It applies to an argument where the conclusion does not logically follow from the premise. Need a good example? Check out the Dark Reading article which discusses our 2008 Data Breach Investigations Supplemental Report. Actually, the article itself isn’t bad; it does a fine job covering some of the findings from our report. My main objection is with the logical conclusion implied in the title which, oddly, doesn’t seem to square with what the article spends most of its time discussing.
(more…)

Dr. Peter Tippett, VP of Research and Risk Intelligence for Verizon Business Security Solutions, was recently interviewed by Robert Richardson at Information Week about the Data Breach Supplemental Report. Visit the links below to listen.

Listen to Part I

Listen to Part II

By Wade Baker

Today, we released a supplement to our 2008 Data Breach Investigations Report (DBIR) that focuses on four major industry groups. As many of you know, the original document compiled four years of data from over 500 cases worked by our Investigative Response team and was intended to be a kind of “state of the union” look at recent security breach and data compromise trends.

(more…)