Re: [Full-disclosure] [funsec] Stop The 70% Lie

On Thu, 17 Jul 2008, The Security Community wrote:

"The FBI estimates that about 70 percent of all computer security
breaches are perpetrated by insiders."

For years this lie and variations on the same theme have been
spreading through the Internet and the industry press.

Year after year journalists, security marketers, bloggers, and other
media types continue to publish this nonsense as though it were the
Gospel Truth when the truth is the FBI has never published any survey,
study, or statistical analysis that supports this claim.

Not reading the post below, I can tell you the numbers are based on real
research, but it is so old my memory fails me. It is a case of a number
being repeated and copied so many times over it gains credibility and

There are some decent numbers from the CSI/FBI annual survey.

Also, when counting incidents, it really matters what types of incidents
are included.


Inspired by
Fun and Misc security discussion for OT posts.
Note: funsec is a public and open mailing list.

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -