June 4, 2010 at 6:01 pm #5153
I have been trying to find facts related to information security. I am doing a presentation next week to the management team and I really, really want to catch their attention. I am looking for things like (I am making up the numbers, as an example):
– 80% of all attacks comes from inside an organization
– 75% of all web sites are vulnerable to XSS attacks
So, do you know where I can find a reliable source for impressive facts?
June 4, 2010 at 6:50 pm #32614secureseveParticipant
I don’t know if this helps, but try http://www.us-cert.gov/nav/t01/
That’s for the technical crowd. If you go here: http://www.us-cert.gov/cas/techalerts/
you can choose information on the left side of the website for your target audience.
I did a quick google search for “vulnerability statistics 2010”
June 4, 2010 at 6:55 pm #32615secureseveParticipant
This may also be a good pdf for some statistics: http://www.ic3.gov/media/annualreport/2009_IC3Report.pdf
It’s 2009 though.
June 4, 2010 at 6:56 pm #32616Dengar13Participant
The OWASP site should have a plethora of web app scanning vulnerability results and statistics.
June 4, 2010 at 7:14 pm #32617XenParticipant
Also, OWASP website is very useful
You might also find datalossdb useful
June 4, 2010 at 11:08 pm #32618
These two links are exactly what I was looking for:
June 6, 2010 at 2:38 am #32619elcapitanParticipant
I would also consider the Verizon 2009 Data Breach Investigations Report. Though I might question the purview, it has a lot of information on the breaches they encountered and corresponding mitigation. The 2010 is due out this summer and they supposedly teamed with the Secret Squirrels.
June 6, 2010 at 10:55 am #32620
Yes, the Verizon report is indeed very, very good. Thanks ElCapitan!
- You must be logged in to reply to this topic.