Home page logo

educause logo Educause Security Discussion mailing list archives

Re: Security Incidents due to user error
From: "Penn, Blake" <pennb () UWW EDU>
Date: Tue, 30 Jan 2007 10:55:16 -0600

I've heard 80% before - but again, that's just anecdotal.  Dr.
Baskerville at Georgia State has done some research on this topic (it's
more focused on categorizing this threat than on statistics per se).
Here is one of his papers that is available for free on the ACM web

A longitudinal study of information system threat categories: the
enduring problem of human error

ACM SIGMIS Database archive
Volume 36 ,  Issue 4  (Fall 2005) 
Pages: 68 - 79  
Year of Publication: 2005

Blake Penn, CISSP                             
Information Security Officer          
University of Wisconsin-Whitewater
(p) 262-472-7792 (f) 262-472-1285
pennb () uww edu | http://www.uww.edu/security

-----Original Message-----
From: Anthony Maszeroski [mailto:maszeroskia3 () SCRANTON EDU] 
Sent: Tuesday, January 30, 2007 10:36 AM
Subject: [SECURITY] Security Incidents due to user error

I'm looking for a figure for the approximate percentage of security
incidents attributed to user/human error. I know I've read some
statistics before, but I can't seem to locate them now. Does anyone have
a pointer to this information?

- Anthony Maszeroski
Network Security Specialist
The University of Scranton
email : maszeroskia3 () scranton edu
phone : 570-941-4226

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]