When I started blogging about breaches and breach notices way back in early 2005, a number of friends wrote to say I was sounding like a broken record. They were right, and at the same time, I felt there was something really big going on, and I wanted to push it and shape it. Over the last couple of years, we’ve gone from fearing breach data to analyzing it, and even the lobbyists are a little less frantic in trying to roll things back. (Only a little, as their arguments dissolve one after another.)
Dan Geer has also been at the data, and has posted “some statistical analysis” of Attrition’s data.
It’s great to see more breach analysis, and I fully expect that we’re going to start seeing such data being used in presentations from Gartner, Burton, and other analyst firms. Why not take some time to look at the data and figure out how your organization could make use of it?