The world of information security is awash in figures and statistics: from the estimated high costs of password resets, to cost-of-a-data-breach studies, to the endlessly quoted Verizon Data Breach Investigations Report, to the near-monthly breaches of hundreds of millions of customers' data, and countless more.
For anyone who wants to understand how to effectively use data in the world of information security, the definitive guide is Measuring and Managing Information Risk: A FAIR Approach, by Dr. Jack Freund and Jack Jones. For those who want to understand how the media often misuses numbers and statistics, a much lighter and more entertaining read is Millions, Billions, Zillions: Defending Yourself in a World of Too Many Numbers (Princeton University Press, ISBN 978-0691182773) by noted computer scientist Brian Kernighan.
In this short and enjoyable reference, Kernighan shows how the media often uses numbers, graphs, figures and more, but far too often either misreports them or uses them in misleading ways. There are many reasons for this, including rushed deadlines, an inherent misunderstanding of how to use statistics, not understanding the underlying issue and much more.
Kernighan gives many examples where billions and trillions are swapped. He also provides many examples where conversions to and from metric values are done incorrectly, and where figures are reported with order-of-magnitude errors.
The bigger issue is not simply that reporters use the wrong figures; rather, people and businesses act on them, and policy decisions are based on them. Once implemented, those decisions are often hard to correct.
In the book, Kernighan gives many examples and provides ways to detect being fooled by suspect figures. The frequent inability of popular media to use numbers and statistics effectively, combined with the rise of fake news, makes it imperative for readers to be skeptical when these numbers are reported.
Be it from the media, politicians or clueless neighbors, numbers and statistics are often used to confuse us. This in turn makes it important for readers not to take these figures at face value. By being numerically illiterate, a person runs the risk of being manipulated.
Numbers, graphs and statistics can often be misleading and misrepresented. In Millions, Billions, Zillions: Defending Yourself in a World of Too Many Numbers, Kernighan provides the reader with an entertaining and useful guide to avoid becoming a victim of number abuse.
*** This is a Security Bloggers Network syndicated blog from RSAConference Blogs RSS Feed authored by Ben Rothke. Read the original post at: http://www.rsaconference.com/blogs/millions-billions-zillions-defending-yourself-in-a-world-of-too-many