Developing an Effective Incident Cost Analysis Mechanism

by David A. Dittrich Sept. 1, 2017 via Symantec

When it comes to calculating damages from computer security incidents, some in the media will tell you that it is impossible to come up with a value. At the same time, others will tell you that the Melissa Virus caused $80 million in damages to US businesses. Who is right? Can these damages be calculated, and if so, how? A project by representatives of the Big Ten Universities (plus a few others) in the late 90's undertook to systematically examine the real costs of security incidents. The results of this project were an incident cost model and examples of costs for typical security incidents at these institutions. This model has been used successfully in computer intrusion cases involving federal law enforcement, and by the Honeynet Project for comparison of entries in the Forensic Challenge.