Pareto Charts Show Which Data Breach Incidents are Most Common
Everyone loves a Pareto chart. That is, everyone who knows that Pareto charts are a type of bar chart ordered by bar size to help you to determine which bars comprise the vital few that you care about and which are the trivial many that you don't care about. Pareto charts are a great tool for communicating where the largest gains can be made as you focus your improvement efforts.
Since I love Pareto charts, it was fun for me to come across Verizon Enterprise’s 2014 Data Breach Investigations Report. While the subject probably sounds dry, especially if you don’t know what a data breach is, the authors of the report can’t seem to resist any opportunity to reference Star Wars and Breaking Bad, which increases the entertainment value considerably. My all-time favorite moment, in the 2012 full report, was the following: “73.6% of people will believe any statement that includes a statistic, even if it is completely made up.” (page 70, no lie)
This year's report includes a table that breaks down types of security breaches by industry. The purpose is to help readers pick out which findings from the report apply directly to their organization. This is where the Pareto charts and Minitab Statistical Software can be useful.
Let's take a look at the Professional industry for an example. According to the Census Bureau website, the Professional industry is a broad field, that includes professions as diverse as lawyers, landscapers, veterinarians, and accountants.
Emphasize the vital few
One of the desirable features of the Pareto chart in Minitab is that you don't see all of the categories. How can this be good?
The chart of the professional industry is a good example. We want to focus on the idea that Denial of Service attacks account for most of the incidents in that industry. The Pareto chart automatically lumps the smallest categories together so that they don't detract from your message.
Accumulate across categories
In a way, the Pareto chart de-emphasizes the proportion of Denial of Service incidents because the bar is so far from the top of the chart. The purpose of the scale on the Pareto chart is to allow for the accumulation line to reach 100%. This accumulation lets you see that 75% of the incident are of three types: Denial of Service, Cyber Espionage, and Web App Attacks. When you have to prioritize your resources, knowing that three problems cause 75% of your incidents is powerful information.
Graphs are an excellent way to explore data, and the Pareto chart in Minitab is an excellent graph. By focusing on the largest categories, your message gets delivered clearly. By accumulating across categories, you can quickly determine how many categories deserve your attention. To focus on the primary contributors to a problem, start with a Pareto chart.
Curious about what ails the rest of the industries? Start your free trial and make your own Pareto charts in Minitab! Want more about Pareto charts? Check out how Eston Martz would explain Pareto charts so that even his boss could understand.