By: Dan

Dan — Tue, 21 Aug 2007 03:27:57 +0000

Great stats Rudy! Do your percentages represent # of breaches (events, so to speak) or # of customers impacted? I’m asking because those are two different ways of running metrics on breaches which may result in different conclusions. It’s similar to the ‘air travel is the safest’ stats — is this determined by counting miles traveled or time in the air? When comparing these two figures with those of car travel, the variable measured changes the stat.

I agree that DBAs are typically not the perpetrator of these crimes, however when / if they are, the impact can be significant. For example, in July, a Certegy DBA stole 2.3M records…. that certainly skews the stats based on how you measure it: Only one breach but 2.3M people impacted.

This is neither here nor there with respect to database encryption…. just an interesting factoid.

Comments on: The Myth of the Malicious DBA

By: Dan