Reaching Others University at Buffalo - The State University of New York
Skip to Content

Security Incident Management Metrics

Since 2005, UB has been tracking the number of  information security incidents and classifying  the incidents.

Some milestones for UB have been:

  1. In 2005 UB became a member of REN-ISAC
  2. In 2006 we implemented ArcSight

These two events are notable for the following reasons:

  • First, our membership in REN-ISAC alerts us to compromises of which we would otherwise not be aware. There are a variety of compromises that are generally detectable only at remote ends. For example, the botnet compromises would go largely undetected without our relationship with REN-ISAC. The information sharing and trust relationships that come with our membership have allowed us to better secure our infrastructure.
  • The second event, ArcSight, is notable because it allowed us to correlate incident reports and events and automate much of their processing, assignment and resolution. This allows us to respond more rapidly to new compromises. In 2006 the statistics show a large increase in incident detection as we turned on that infrastructure. After 2006, incident volume began dropping off as awareness and preventative measures grew.

Volume of Security Incidents by Year and Category

Graph of incidents by type and year

Volume of Account Compromises

Spring 2013

Graph of numbers of compromised accounts spring 2013

Click to expand

Compromised Accounts by Affiliation

Spring 2013 Semester (January-June)

Compromised Accounts by Affiliation

Click to expand

Did This Page Answer Your Question?

(Required)
 
Email, UBITName or phone number
(Required)
Enter both words below, separated by a space. If either word appears unclear, click 'Get a new challenge' to receive two new words.