So, everybody heard that "80% of something bad is due to insiders;" moreover, many just hate this mystery statistic. Here are a few common and different versions:
1. "80% of security attacks are due to insiders."
2. "80% of security loss is due to insiders."
3. "80% of statistics are made up." :-)
Should we completely scrap this 80% beasty or is there any truth in it, after all? Recently I've seen a discussion on one mailing list where some pretty darn smart folks swore that they can personally attest that one or the other version of the above is "absolutely true."
So, any defenders/attackers of the above?
1 comment:
I don't see how you can get ANY number at all! It depends on whether you're counting insiders who unintentionally enable attacks/loss by creating vulnerabilities, or if you're only counting insiders as malicious attackers.
Post a Comment