.

I need facts about information security

<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Fri Jun 04, 2010 1:01 pm

I need facts about information security

Hey,

I have been trying to find facts related to information security. I am doing a presentation next week to the management team and I really, really want to catch their attention. I am looking for things like (I am making up the numbers, as an example):

- 80% of all attacks comes from inside an organization
- 75% of all web sites are vulnerable to XSS attacks
- Etc

So, do you know where I can find a reliable source for impressive facts?

Thanks!
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

secureseve

User avatar

Jr. Member
Jr. Member

Posts: 79

Joined: Thu Apr 08, 2010 10:40 pm

Location: DMZ

Post Fri Jun 04, 2010 1:50 pm

Re: I need facts about information security

I don't know if this helps, but try http://www.us-cert.gov/nav/t01/
That's for the technical crowd. If you go here: http://www.us-cert.gov/cas/techalerts/
you can choose information on the left side of the website for your target audience.

I did a quick google search for "vulnerability statistics 2010"
Last edited by secureseve on Fri Jun 04, 2010 1:52 pm, edited 1 time in total.
http://twitter.com/mikesantillana
eLearnSecurity Team Member.
<<

secureseve

User avatar

Jr. Member
Jr. Member

Posts: 79

Joined: Thu Apr 08, 2010 10:40 pm

Location: DMZ

Post Fri Jun 04, 2010 1:55 pm

Re: I need facts about information security

This may also be a good pdf for some statistics: http://www.ic3.gov/media/annualreport/2 ... Report.pdf

It's 2009 though.
http://twitter.com/mikesantillana
eLearnSecurity Team Member.
<<

Dengar13

User avatar

Sr. Member
Sr. Member

Posts: 380

Joined: Tue Sep 20, 2005 8:43 am

Location: The Steel City

Post Fri Jun 04, 2010 1:56 pm

Re: I need facts about information security

The OWASP site should have a plethora of web app scanning vulnerability results and statistics.
Last edited by Dengar13 on Fri Jun 04, 2010 1:58 pm, edited 1 time in total.
A+, Net+, MCP, CEH
MCSE: Security/Messaging
MCSA: Security/Messaging
Former U.S. Marine and damn proud of it!
<<

Xen

User avatar

Sr. Member
Sr. Member

Posts: 386

Joined: Tue Feb 03, 2009 3:59 am

Post Fri Jun 04, 2010 2:14 pm

Re: I need facts about information security

Last edited by Xen on Fri Jun 04, 2010 3:13 pm, edited 1 time in total.
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Fri Jun 04, 2010 6:08 pm

Re: I need facts about information security

Ahhh! Great!

These two links are exactly what I was looking for:

http://datalossdb.org/statistics
and
http://www.ic3.gov/media/annualreport/2 ... Report.pdf

Thanks guys!
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

elcapitan

User avatar

Newbie
Newbie

Posts: 28

Joined: Mon Apr 28, 2008 10:16 am

Post Sat Jun 05, 2010 9:38 pm

Re: I need facts about information security

I would also consider the Verizon 2009 Data Breach Investigations Report. Though I might question the purview, it has a lot of information on the breaches they encountered and corresponding mitigation. The 2010 is due out this summer and they supposedly teamed with the Secret Squirrels.


http://www.verizonbusiness.com/resource ... ach_rp.pdf
CISSP, Security+, CEH, OPP, et alii
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Sun Jun 06, 2010 5:55 am

Re: I need facts about information security

Yes, the Verizon report is indeed very, very good. Thanks ElCapitan!
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)

Return to Other

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software