Share these talks and lectures with your colleaguesInvite colleagues
Statistical analysis of relationships of US organisations’ size, popularity, age and location to frequency of data breaches
Given the widespread occurrence of data breaches, it is useful for consumers to learn which factors of an organisation, for example, size, popularity or location, will contribute to increased data breach risks. Existing work on risk assessment requires detailed internal information of an information system, which is not available to the public. Furthermore, organisations typically do not want results of such analysis of their IT systems to be made public. This paper conducts comprehensive statistical analyses of the relationships between publicly available information to frequency of data breaches. The publicly available information includes size-related characteristics such as revenue, number of employees, population served and enrolment, popularity-related characteristics such as number of Google Search results, age of the organisation and location of the organisation. We used Pearson, Spearman and Kendall correlation analysis methods to test whether these characteristics are indicators for frequent data breaches for different types of US organisations. We also used linear regression to predict the frequency of data breaches. The results verified that many of these indicators have significant correlation to organisations’ frequency of data breaches. The result of this paper can help consumers make more informed decisions with respect to risks of data breaches.
The full article is available to institutions that have subscribed to the journal.
Ohud Saud Alqahtani is PhD student in Information Systems department with minor in data science at University of Maryland, Baltimore County, and Lecturer in Computer Science Department at King Khalid University. Research interests include machine learning, privacy preserving and statistical analysis. She is especially interested in detecting and preventing data breaches in organisations by analysing risk factors of reported data breaches from unintentional disclosure or hacking.
Zhiyuan Chen is a Professor, Information Systems Department, University of Maryland, Baltimore County. He has PhD from Cornell University in Computer Science, an MS in Computer Science from Fudan University, China, and a BS in Computer Science from Fudan University, China.