A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


The Power Law of Information - Michael Roytman (BSides Las Vegas 2014) (Hacking Illustrated Series InfoSec Tutorial Videos)

The Power Law of Information
Michael Roytman

Power laws occur widely and irrefutably in economics, physics, biology, and international relations. The root causes of power laws are hard to determine, but a good theory is that proportional random growth causes the phenomenon. This talk will attempt to prove a power law for breach size and breach occurrence volume, using data from over 30,000 businesses. The goal is to show that no matter the set of breaches one picks, the most impactful breach will have more impact than all the others combined. Information security breaches are scale-invariant and distributed according to a power law.

Bio: Michael Roytman is Risk I/O’s Data Scientist, responsible for building out Risk I/O’s predictive analytics functionality. He has written about vulnerability management with Dan Geer of In-Q-Tel, and has previously spoken at BSidesLV and SIRAcon. He formerly worked in fraud detection in the finance industry, and holds an MS in operations research from Georgia Tech. In his spare time, he tinkers with everything from bikes to speakers to cars, and works on his pet project:outfitting food trucks with GPS.

Back to BSides Las Vegas 2014 video list

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast