Herd Immunity – Does this concept
from Immunology have relevance for
Information Security?

Risk Analysis for the 21st Century®

Patrick Florer
Risk Centric Security, Inc.
www.riskcentricsecurity.com
Bio
Patrick Florer has worked in information technology
for 34 years. In addition, he worked a parallel track
in medical outcomes research, analysis, and the
creation of evidence-based guidelines for medical
treatment. His roles have included IT operations,
programming, and systems analysis. From 1986 until
now, he has worked as an independent
consultant, helping customers with strategic
development, analytics, risk analysis, and decision
analysis. He is a cofounder of Risk Centric Security
and currently serves as Chief Technology Officer. In
addition, he is a Fellow of the Ponemon Institute.
Risk Centric Security, Inc. Confidential and Proprietary.
Copyright © 2013 Risk Centric Security, Inc. All rights reserved.
Agenda
What is herd immunity?
Why does it work?
How can it help us when it does work?
How does the arithmetic work?
Discussion and Q & A

Once upon a time …
Why the Blind Men and the Elephant?
Be open – avoid jumping to conclusions.

Be skeptical – don’t believe everything you see or
hear.

This is a work in progress and I appreciate your
input.

Medicine and Information Security
Viruses
Worms
Infections
Immunization
Inoculation
Monoculture
Base rates

What is Herd Immunity?
“Herd immunity (or community immunity) describes a form of
immunity that occurs when the vaccination of a significant
portion of a population (or herd) provides a measure of
protection for individuals who have not developed immunity.
Herd immunity theory proposes that, in contagious diseases
that are transmitted from individual to individual, chains of
infection are likely to be disrupted when large numbers of a
population are immune or less susceptible to the disease. The
greater the proportion of individuals who are resistant, the
smaller the probability that a susceptible individual will come
into contact with an infectious individual.”
From wikipedia.com

What is Herd Immunity?
“Vaccination acts as a sort of firebreak or firewall in the
spread of the disease, slowing or preventing further
transmission of the disease to others. Unvaccinated
individuals are indirectly protected by vaccinated individuals,
as the latter are less likely to contract and transmit the
disease between infected and susceptible individuals.”
“Herd immunity generally applies only to diseases that are
contagious. It does not apply to diseases such as tetanus
(which is infectious, but is not contagious), where the vaccine
protects only the vaccinated person from disease.”
From wikipedia.com

Assumptions
The individuals in the population are well mixed –
i.e.: there are no concentrations of susceptible
individuals.
The infection spreads by means of contagion –
from person to person, entity to entity, etc.
The infection has a finite ability to infect others.
Immunization is 100% effective.
Herd Immunity Thresholds
Estimated Herd Immunity thresholds for vaccine preventable diseases
| Disease | Transmission | R0 | Herd immunity threshold |
|---|---|---|---|
| Diphtheria | Saliva | 6–7 | 85% |
| Measles | Airborne | 12–18 | 92–94% |
| Mumps | Airborne droplet | 4–7 | 75–86% |
| Pertussis | Airborne droplet | 12–17 | 92–94% |
| Polio | Fecal-oral route | 5–7 | 80–86% |
| Rubella | Airborne droplet | 5–7 | 80–85% |
| Smallpox | Social contact | 6–7 | 83–85% |

R0 is the basic reproduction number, or the average number of secondary infectious cases that are produced by a single
index case in completely susceptible population.

From wikipedia.com

Why does it work?
No contagious disease has an infinite capability to
infect. Sooner or later, the disease runs its course,
its infection chain is broken, or something shuts it
down.
Immunization reduces the probability that an
infected person will come in contact with a
susceptible person.

How does it help us when it works?
Unless small or circumscribed in some way, it is
almost impossible to immunize every member of a
population.
Some members of a population cannot tolerate
immunization.
It can be very expensive to immunize every
member of a population.
By giving us an estimate of a threshold
immunization level, herd immunity can help us
utilize resources more effectively.
Definitions
R0 – the basic Reproduction number: the
estimated number of secondary infections that a
contagious disease can cause
S = the proportion of susceptible/unvaccinated
individuals in a population:
S = 1 minus proportion of vaccinated individuals
HI = Herd Immunity threshold – percentage of
immune individuals
The Math
In order for a disease not to die off, each infected
individual must be able to infect at least one other
individual. Mathematically, this means that:
R0 x S = 1
The Herd Immunity threshold (percentage immune)
plus the percentage of susceptible individuals must
=1
HI + S = 1

The Math
If HI + S = 1
Then S = (1 – HI)

If R0 x S = 1
Then you can substitute (1 – HI) for S, which gives:
R0 x (1 – HI) = 1
Which transforms to:
HI = 1 – 1/R0
The Math – an example
Assume that:
R0 = 7

HI = 1 – 1/R0
   = 1 – 1/7
   = 1 – 0.143
   = 0.857 or ~86%

Results
Assumption: Immunization is 100% effective

Results
[Chart: Required Coverage Rate – 100% Effectiveness. Vertical axis 0% to 100%; horizontal axis 0 to 100.]
Results
You can also account for a vaccine that is less
than 100% effective. In this case, you must adjust S
by some number.
If S = 10% and HI = 90%, assuming 100% vaccine
effectiveness, then, at 90% effectiveness:
HI = 90% x 90% = 81%
And
S = 100% - 81% = 19%

The Math – an example
In this scenario, a 10 percentage point drop in
effectiveness means that the susceptible
population has almost doubled, from 10% to 19%.
This also means that the effective reach (R0) of
the disease will almost double, from 5 to 10.
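
The arithmetic above carried into code, as an added example that is not part of the original slides: it computes HI = 1 – 1/R0, applies the coverage x effectiveness adjustment, and checks both against a small outbreak model built on the deck's assumptions (well mixed, spread by contagion, finite R0). The function names, the population of 10,000, the 10 initial cases and the generation-based (Reed-Frost style) spread model are assumptions chosen for illustration; in an infosec reading, "coverage" could stand for the share of hosts that received a control.

```python
import math


def herd_immunity_threshold(r0):
    """HI = 1 - 1/R0: fraction of the population that must be immune."""
    if r0 <= 0:
        raise ValueError("R0 must be positive")
    # An infection with R0 <= 1 dies off without any immunization.
    return max(0.0, 1.0 - 1.0 / r0)


def susceptible_fraction(coverage, effectiveness=1.0):
    """S = 1 - coverage x effectiveness (the slides' 90% x 90% = 81% step)."""
    if not (0.0 <= coverage <= 1.0 and 0.0 <= effectiveness <= 1.0):
        raise ValueError("coverage and effectiveness must be within [0, 1]")
    return 1.0 - coverage * effectiveness


def effective_reproduction(r0, coverage, effectiveness=1.0):
    """R0 x S: secondary infections per case once part of the herd is immune.

    Below 1 the chain of infection shrinks; above 1 it grows.
    """
    return r0 * susceptible_fraction(coverage, effectiveness)


def required_coverage(r0, effectiveness=1.0):
    """Coverage needed so that coverage x effectiveness reaches HI.

    Returns None when even 100% coverage cannot reach the threshold,
    i.e. the immunization is too weak for this R0.
    """
    if not 0.0 < effectiveness <= 1.0:
        raise ValueError("effectiveness must be within (0, 1]")
    needed = herd_immunity_threshold(r0) / effectiveness
    return needed if needed <= 1.0 else None


def simulate_outbreak(r0, coverage, effectiveness=1.0,
                      population=10_000, seeds=10, max_generations=200):
    """Deterministic, generation-by-generation outbreak in a well-mixed herd.

    Assumed model (not from the slides): in each generation a susceptible
    member escapes infection with probability exp(-R0 * infectious / N).
    Returns the attack rate: the fraction of the whole population infected.
    """
    pool = population * susceptible_fraction(coverage, effectiveness)
    susceptible = max(0.0, pool - seeds)   # initial cases come from the pool
    infectious = float(seeds)
    total_infected = float(seeds)
    for _ in range(max_generations):
        if infectious < 0.5:               # chain of infection is broken
            break
        new_cases = susceptible * (1.0 - math.exp(-r0 * infectious / population))
        susceptible -= new_cases
        infectious = new_cases
        total_infected += new_cases
    return total_infected / population


if __name__ == "__main__":
    r0 = 7  # the value used in the worked example on the slides
    print(f"HI threshold for R0={r0}: {herd_immunity_threshold(r0):.1%}")
    for eff in (1.0, 0.9):
        s = susceptible_fraction(0.9, eff)
        r_eff = effective_reproduction(r0, 0.9, eff)
        attack = simulate_outbreak(r0, 0.9, eff)
        need = required_coverage(r0, eff)
        print(f"effectiveness {eff:.0%}: S={s:.0%}, R0 x S={r_eff:.2f}, "
              f"attack rate={attack:.2%}, coverage needed={need:.1%}")
```

With R0 = 7 and 90% coverage, full effectiveness keeps R0 x S below 1 and the outbreak fades after a handful of cases, while 90% effectiveness pushes R0 x S above 1 and the same coverage no longer contains it.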

Summary
The individuals in the population are well mixed –
i.e.: there are no concentrations of susceptible
individuals.
The infection spreads by means of contagion –
from person to person, entity to entity, etc.
The infection has a finite ability to infect others.
The math:

HI = 1 – 1/ R0

Summary

We have covered the easy part.

Summary

Now, for the hard part

Application to Infosec
Which kinds of “infections” are contagious – i.e.:
they spread laterally, from machine or user to
machine or user?
Do viruses, worms, and malware have a finite
ability to infect, or do they just keep pounding
away, looking for a way to spread?

Application to Infosec – Use Cases
Endpoint Security
Patching
Custom Software
Legacy Systems

How would we measure success?
What metrics could we implement in order to
understand success and failure?
How do we estimate R0 in a computing
environment?
What kinds of controlled experiments might we
design?

Thank You!

Patrick Florer
214.828.1172
patrick@riskcentricsecurity.com

Risk Analysis for the 21st Century®

Risk Centric Security, Inc.
www.riskcentricsecurity.com

Risk Centric Security, Inc. Confidential and Proprietary .
Copyright © 2013 Risk Centric Security, Inc . All rights reserved.

Contenu connexe

Tendances

Hepatitis B modelling in New Zealand
Hepatitis B modelling in New ZealandHepatitis B modelling in New Zealand
Hepatitis B modelling in New ZealandSimon Thornley
 
Zoonotic diseasesAllah Dad Kha
Zoonotic diseasesAllah Dad KhaZoonotic diseasesAllah Dad Kha
Zoonotic diseasesAllah Dad KhaMr.Allah Dad Khan
 
Lotta Berg 2009 WSPA conference Poultry welfare AI
Lotta Berg 2009 WSPA conference Poultry welfare AILotta Berg 2009 WSPA conference Poultry welfare AI
Lotta Berg 2009 WSPA conference Poultry welfare AIHarm Kiezebrink
 
Dossier investigation: identification of the agent
Dossier investigation: identification of the agentDossier investigation: identification of the agent
Dossier investigation: identification of the agentGeranne Kiezebrink
 
Birdflu
BirdfluBirdflu
Birdfluladia
 
Different environmental drivers of H5N1 outbreaks in poultry and wild birds
Different environmental drivers of H5N1 outbreaks in poultry and wild birdsDifferent environmental drivers of H5N1 outbreaks in poultry and wild birds
Different environmental drivers of H5N1 outbreaks in poultry and wild birdsHarm Kiezebrink
 
The 3 P’s of avian influenza Prevent, Plan, Practice
The 3 P’s of avian influenza Prevent, Plan, PracticeThe 3 P’s of avian influenza Prevent, Plan, Practice
The 3 P’s of avian influenza Prevent, Plan, PracticeHarm Kiezebrink
 
LAIV in India - Should we use it? Sep 2014
LAIV in India - Should we use it? Sep 2014LAIV in India - Should we use it? Sep 2014
LAIV in India - Should we use it? Sep 2014Gaurav Gupta
 
Gsk influenza virus vaccine
Gsk influenza virus vaccineGsk influenza virus vaccine
Gsk influenza virus vaccineMahek Dhoot
 
Inactivated seasonal influenza vaccines
Inactivated seasonal influenza vaccinesInactivated seasonal influenza vaccines
Inactivated seasonal influenza vaccinesAshraf ElAdawy
 
Avian influenza virus vaccines: the use of vaccination in poultry production
Avian influenza virus vaccines: the use of vaccination in poultry productionAvian influenza virus vaccines: the use of vaccination in poultry production
Avian influenza virus vaccines: the use of vaccination in poultry productionHarm Kiezebrink
 
basic information about avian influenza viruses
basic information about avian influenza virusesbasic information about avian influenza viruses
basic information about avian influenza virusesGeranne Kiezebrink
 
Avian Influenza Update
Avian Influenza UpdateAvian Influenza Update
Avian Influenza Updateguest3008cc
 

Tendances (20)

Herd immunity
Herd immunityHerd immunity
Herd immunity
 
Hepatitis B modelling in New Zealand
Hepatitis B modelling in New ZealandHepatitis B modelling in New Zealand
Hepatitis B modelling in New Zealand
 
Herd immunity
Herd immunityHerd immunity
Herd immunity
 
Zoonotic diseasesAllah Dad Kha
Zoonotic diseasesAllah Dad KhaZoonotic diseasesAllah Dad Kha
Zoonotic diseasesAllah Dad Kha
 
STOP AI training manual
STOP AI training manualSTOP AI training manual
STOP AI training manual
 
Lotta Berg 2009 WSPA conference Poultry welfare AI
Lotta Berg 2009 WSPA conference Poultry welfare AILotta Berg 2009 WSPA conference Poultry welfare AI
Lotta Berg 2009 WSPA conference Poultry welfare AI
 
Dossier investigation: identification of the agent
Dossier investigation: identification of the agentDossier investigation: identification of the agent
Dossier investigation: identification of the agent
 
Bird flu
Bird fluBird flu
Bird flu
 
Birdflu
BirdfluBirdflu
Birdflu
 
Different environmental drivers of H5N1 outbreaks in poultry and wild birds
Different environmental drivers of H5N1 outbreaks in poultry and wild birdsDifferent environmental drivers of H5N1 outbreaks in poultry and wild birds
Different environmental drivers of H5N1 outbreaks in poultry and wild birds
 
The 3 P’s of avian influenza Prevent, Plan, Practice
The 3 P’s of avian influenza Prevent, Plan, PracticeThe 3 P’s of avian influenza Prevent, Plan, Practice
The 3 P’s of avian influenza Prevent, Plan, Practice
 
LAIV in India - Should we use it? Sep 2014
LAIV in India - Should we use it? Sep 2014LAIV in India - Should we use it? Sep 2014
LAIV in India - Should we use it? Sep 2014
 
Gsk influenza virus vaccine
Gsk influenza virus vaccineGsk influenza virus vaccine
Gsk influenza virus vaccine
 
Inactivated seasonal influenza vaccines
Inactivated seasonal influenza vaccinesInactivated seasonal influenza vaccines
Inactivated seasonal influenza vaccines
 
H5 n1 (bird flu)
H5 n1 (bird flu)H5 n1 (bird flu)
H5 n1 (bird flu)
 
Avian influenza virus vaccines: the use of vaccination in poultry production
Avian influenza virus vaccines: the use of vaccination in poultry productionAvian influenza virus vaccines: the use of vaccination in poultry production
Avian influenza virus vaccines: the use of vaccination in poultry production
 
basic information about avian influenza viruses
basic information about avian influenza virusesbasic information about avian influenza viruses
basic information about avian influenza viruses
 
Avian influenza
Avian influenzaAvian influenza
Avian influenza
 
Bird Flu
Bird FluBird Flu
Bird Flu
 
Avian Influenza Update
Avian Influenza UpdateAvian Influenza Update
Avian Influenza Update
 

Similaire à Herd Immunity in InfoSec - Does the concept apply to cybersecurity risks

Measurement, Qualitative vs Quantitative Methods, and other Cool Stuff
Measurement, Qualitative vs Quantitative Methods, and other Cool StuffMeasurement, Qualitative vs Quantitative Methods, and other Cool Stuff
Measurement, Qualitative vs Quantitative Methods, and other Cool StuffPatrick Florer
 
Measurement, Quantitative vs. Qualitative and Other Cool Stuff
Measurement, Quantitative vs. Qualitative and Other Cool StuffMeasurement, Quantitative vs. Qualitative and Other Cool Stuff
Measurement, Quantitative vs. Qualitative and Other Cool StuffJody Keyser
 
Base Rate Fallacy Sira Con 2012 05
Base Rate Fallacy Sira Con 2012 05Base Rate Fallacy Sira Con 2012 05
Base Rate Fallacy Sira Con 2012 05hgoodnight
 
Vaccines ingles extendido
Vaccines ingles  extendidoVaccines ingles  extendido
Vaccines ingles extendidomarinatesone
 
Vaccines raul primer modulo
Vaccines raul primer moduloVaccines raul primer modulo
Vaccines raul primer modulomarinatesone
 
Importance of vaccination
Importance of vaccinationImportance of vaccination
Importance of vaccinationMisty Moser
 
Importance of vaccination
Importance of vaccinationImportance of vaccination
Importance of vaccinationMisty Moser
 
Extended vaccines Covid-19
Extended vaccines Covid-19Extended vaccines Covid-19
Extended vaccines Covid-19marinatesone
 
Smu seminar 2014_03_26 v3
Smu seminar 2014_03_26 v3Smu seminar 2014_03_26 v3
Smu seminar 2014_03_26 v3Patrick Florer
 
Estimating risk ,pptx
Estimating risk ,pptxEstimating risk ,pptx
Estimating risk ,pptxsoudfaiza
 
Vaccination and herd immunity in microbiology.pdf
Vaccination and herd immunity in microbiology.pdfVaccination and herd immunity in microbiology.pdf
Vaccination and herd immunity in microbiology.pdfBruntlandAldre
 
Ver E Brochure 081108
Ver E Brochure 081108Ver E Brochure 081108
Ver E Brochure 081108pedigob
 
Risk In Our Society
Risk In Our SocietyRisk In Our Society
Risk In Our Societydaryl10
 
Unit IV GE8076 Professional Ethics in Engineering
Unit IV GE8076 Professional Ethics in Engineering Unit IV GE8076 Professional Ethics in Engineering
Unit IV GE8076 Professional Ethics in Engineering Dr. SELVAGANESAN S
 
SLP - vaccine and immunity
SLP - vaccine and immunitySLP - vaccine and immunity
SLP - vaccine and immunityAzmi Mohd Tamil
 
Infection and Disease 2021-22.pptx
Infection and Disease 2021-22.pptxInfection and Disease 2021-22.pptx
Infection and Disease 2021-22.pptxjelikov
 
ISACA Reporting relevant IT risks to stakeholders
ISACA Reporting relevant IT risks to stakeholdersISACA Reporting relevant IT risks to stakeholders
ISACA Reporting relevant IT risks to stakeholdersMarc Vael
 
Session ii g3 overview epidemiology modeling mmc
Session ii g3 overview epidemiology modeling mmcSession ii g3 overview epidemiology modeling mmc
Session ii g3 overview epidemiology modeling mmcUSD Bioinformatics
 

Similaire à Herd Immunity in InfoSec - Does the concept apply to cybersecurity risks (20)

Measurement, Qualitative vs Quantitative Methods, and other Cool Stuff
Measurement, Qualitative vs Quantitative Methods, and other Cool StuffMeasurement, Qualitative vs Quantitative Methods, and other Cool Stuff
Measurement, Qualitative vs Quantitative Methods, and other Cool Stuff
 
Measurement, Quantitative vs. Qualitative and Other Cool Stuff
Measurement, Quantitative vs. Qualitative and Other Cool StuffMeasurement, Quantitative vs. Qualitative and Other Cool Stuff
Measurement, Quantitative vs. Qualitative and Other Cool Stuff
 
Base Rate Fallacy Sira Con 2012 05
Base Rate Fallacy Sira Con 2012 05Base Rate Fallacy Sira Con 2012 05
Base Rate Fallacy Sira Con 2012 05
 
Vaccines ingles extendido
Vaccines ingles  extendidoVaccines ingles  extendido
Vaccines ingles extendido
 
Vaccines raul primer modulo
Vaccines raul primer moduloVaccines raul primer modulo
Vaccines raul primer modulo
 
Importance of vaccination
Importance of vaccinationImportance of vaccination
Importance of vaccination
 
Importance of vaccination
Importance of vaccinationImportance of vaccination
Importance of vaccination
 
Health and Safety on Mission: Mitigating Safety Risks: A Personal and Profess...
Health and Safety on Mission: Mitigating Safety Risks: A Personal and Profess...Health and Safety on Mission: Mitigating Safety Risks: A Personal and Profess...
Health and Safety on Mission: Mitigating Safety Risks: A Personal and Profess...
 
Extended vaccines Covid-19
Extended vaccines Covid-19Extended vaccines Covid-19
Extended vaccines Covid-19
 
Smu seminar 2014_03_26 v3
Smu seminar 2014_03_26 v3Smu seminar 2014_03_26 v3
Smu seminar 2014_03_26 v3
 
Estimating risk ,pptx
Estimating risk ,pptxEstimating risk ,pptx
Estimating risk ,pptx
 
Estimating risk
Estimating riskEstimating risk
Estimating risk
 
Vaccination and herd immunity in microbiology.pdf
Vaccination and herd immunity in microbiology.pdfVaccination and herd immunity in microbiology.pdf
Vaccination and herd immunity in microbiology.pdf
 
Ver E Brochure 081108
Ver E Brochure 081108Ver E Brochure 081108
Ver E Brochure 081108
 
Risk In Our Society
Risk In Our SocietyRisk In Our Society
Risk In Our Society
 
Unit IV GE8076 Professional Ethics in Engineering
Unit IV GE8076 Professional Ethics in Engineering Unit IV GE8076 Professional Ethics in Engineering
Unit IV GE8076 Professional Ethics in Engineering
 
SLP - vaccine and immunity
SLP - vaccine and immunitySLP - vaccine and immunity
SLP - vaccine and immunity
 
Infection and Disease 2021-22.pptx
Infection and Disease 2021-22.pptxInfection and Disease 2021-22.pptx
Infection and Disease 2021-22.pptx
 
ISACA Reporting relevant IT risks to stakeholders
ISACA Reporting relevant IT risks to stakeholdersISACA Reporting relevant IT risks to stakeholders
ISACA Reporting relevant IT risks to stakeholders
 
Session ii g3 overview epidemiology modeling mmc
Session ii g3 overview epidemiology modeling mmcSession ii g3 overview epidemiology modeling mmc
Session ii g3 overview epidemiology modeling mmc
 

Plus de Patrick Florer

The Base Rate Fallacy - Source Boston 2013
The Base Rate Fallacy - Source Boston 2013The Base Rate Fallacy - Source Boston 2013
The Base Rate Fallacy - Source Boston 2013Patrick Florer
 
Rcs triumfant watchful_webinar_final
Rcs triumfant watchful_webinar_finalRcs triumfant watchful_webinar_final
Rcs triumfant watchful_webinar_finalPatrick Florer
 
Isaca houston presentation 12 4 12
Isaca houston presentation 12 4 12Isaca houston presentation 12 4 12
Isaca houston presentation 12 4 12Patrick Florer
 
Deconstructing the cost of a data breach
Deconstructing the cost of a data breachDeconstructing the cost of a data breach
Deconstructing the cost of a data breachPatrick Florer
 

Plus de Patrick Florer (6)

The Base Rate Fallacy - Source Boston 2013
The Base Rate Fallacy - Source Boston 2013The Base Rate Fallacy - Source Boston 2013
The Base Rate Fallacy - Source Boston 2013
 
Rcs triumfant watchful_webinar_final
Rcs triumfant watchful_webinar_finalRcs triumfant watchful_webinar_final
Rcs triumfant watchful_webinar_final
 
Isaca houston presentation 12 4 12
Isaca houston presentation 12 4 12Isaca houston presentation 12 4 12
Isaca houston presentation 12 4 12
 
Co3 rsc r5
Co3 rsc r5Co3 rsc r5
Co3 rsc r5
 
Source seattle 2012
Source seattle 2012Source seattle 2012
Source seattle 2012
 
Deconstructing the cost of a data breach
Deconstructing the cost of a data breachDeconstructing the cost of a data breach
Deconstructing the cost of a data breach
 

Dernier

FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607dollysharma2066
 
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCRashishs7044
 
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City GurgaonCall Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaoncallgirls2057
 
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCRashishs7044
 
Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMintel Group
 
Digital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfDigital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfJos Voskuil
 
Investment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy CheruiyotInvestment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy Cheruiyotictsugar
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Pereraictsugar
 
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu MenzaYouth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menzaictsugar
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfRbc Rbcua
 
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...ShrutiBose4
 
Annual General Meeting Presentation Slides
Annual General Meeting Presentation SlidesAnnual General Meeting Presentation Slides
Annual General Meeting Presentation SlidesKeppelCorporation
 
Marketplace and Quality Assurance Presentation - Vincent Chirchir
Marketplace and Quality Assurance Presentation - Vincent ChirchirMarketplace and Quality Assurance Presentation - Vincent Chirchir
Marketplace and Quality Assurance Presentation - Vincent Chirchirictsugar
 
MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?Olivia Kresic
 
Case study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailCase study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailAriel592675
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03DallasHaselhorst
 
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort ServiceCall US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Servicecallgirls2057
 
Future Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted VersionFuture Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted VersionMintel Group
 

Dernier (20)

FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
 
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
 
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City GurgaonCall Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
 
Call Us ➥9319373153▻Call Girls In North Goa
Call Us ➥9319373153▻Call Girls In North GoaCall Us ➥9319373153▻Call Girls In North Goa
Call Us ➥9319373153▻Call Girls In North Goa
 
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
 
Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 Edition
 
Digital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfDigital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdf
 
Investment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy CheruiyotInvestment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy Cheruiyot
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Perera
 
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu MenzaYouth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdf
 
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
Ms Motilal Padampat Sugar Mills vs. State of Uttar Pradesh & Ors. - A Milesto...
 
Annual General Meeting Presentation Slides
Annual General Meeting Presentation SlidesAnnual General Meeting Presentation Slides
Annual General Meeting Presentation Slides
 
Marketplace and Quality Assurance Presentation - Vincent Chirchir
Marketplace and Quality Assurance Presentation - Vincent ChirchirMarketplace and Quality Assurance Presentation - Vincent Chirchir
Marketplace and Quality Assurance Presentation - Vincent Chirchir
 
MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?
 
Case study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailCase study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detail
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03
 
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort ServiceCall US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
 
Corporate Profile 47Billion Information Technology
Corporate Profile 47Billion Information TechnologyCorporate Profile 47Billion Information Technology
Corporate Profile 47Billion Information Technology
 
Future Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted VersionFuture Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted Version
 

Herd Immunity in InfoSec - Does the concept apply to cybersecurity risks

  • 1. Herd Immunity – Does this concept from Immunology have relevance for Information Security? Risk Analysis for the 21st Century® Patrick Florer Risk Centric Security, Inc. www.riskcentricsecurity.com
  • 2. Bio Patrick Florer has worked in information technology for 34 years. In addition, he worked a parallel track in medical outcomes research, analysis, and the creation of evidence-based guidelines for medical treatment. His roles have included IT operations, programming, and systems analysis. From 1986 until now, he has worked as an independent consultant, helping customers with strategic development, analytics, risk analysis, and decision analysis. He is a cofounder of Risk Centric Security and currently serves as Chief Technology Officer. In addition, he is a Fellow of the Ponemon Institute. Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • 3. Agenda: What is herd immunity? Why does it work? How can it help us when it does work? How does the arithmetic work? Discussion and Q & A
  • 4. Once upon a time …
  • 5. Why the Blind Men and the Elephant? Be open – avoid jumping to conclusions. Be skeptical – don’t believe everything you see or hear. This is a work in progress and I appreciate your input.
  • 6. Medicine and Information Security: Viruses; Worms; Infections; Immunization; Inoculation; Monoculture; Base rates
  • 7. What is Herd Immunity? “Herd immunity (or community immunity) describes a form of immunity that occurs when the vaccination of a significant portion of a population (or herd) provides a measure of protection for individuals who have not developed immunity. Herd immunity theory proposes that, in contagious diseases that are transmitted from individual to individual, chains of infection are likely to be disrupted when large numbers of a population are immune or less susceptible to the disease. The greater the proportion of individuals who are resistant, the smaller the probability that a susceptible individual will come into contact with an infectious individual.” From wikipedia.com
  • 8. What is Herd Immunity? “Vaccination acts as a sort of firebreak or firewall in the spread of the disease, slowing or preventing further transmission of the disease to others. Unvaccinated individuals are indirectly protected by vaccinated individuals, as the latter are less likely to contract and transmit the disease between infected and susceptible individuals.” “Herd immunity generally applies only to diseases that are contagious. It does not apply to diseases such as tetanus (which is infectious, but is not contagious), where the vaccine protects only the vaccinated person from disease.” From wikipedia.com
  • 9. Assumptions: The individuals in the population are well mixed, i.e., there are no concentrations of susceptible individuals. The infection spreads by means of contagion, from person to person, entity to entity, etc. The infection has a finite ability to infect others. Immunization is 100% effective.
  • 10. Herd Immunity Thresholds: Estimated herd immunity thresholds for vaccine-preventable diseases
        Disease      Transmission       R0      Herd immunity threshold
        Diphtheria   Saliva             6–7     85%
        Measles      Airborne           12–18   92–94%
        Mumps        Airborne droplet   4–7     75–86%
        Pertussis    Airborne droplet   12–17   92–94%
        Polio        Fecal-oral route   5–7     80–86%
        Rubella      Airborne droplet   5–7     80–85%
        Smallpox     Social contact     6–7     83–85%
    R0 is the basic reproduction number, or the average number of secondary infectious cases that are produced by a single index case in a completely susceptible population. From wikipedia.com
  • 11. Why does it work? No contagious disease has an infinite capability to infect. Sooner or later, the disease runs its course, its infection chain is broken, or something shuts it down. Immunization reduces the probability that an infected person will come in contact with a susceptible person.
  • 12. How does it help us when it works? Unless small or circumscribed in some way, it is almost impossible to immunize every member of a population. Some members of a population cannot tolerate immunization. It can be very expensive to immunize every member of a population. By giving us an estimate of a threshold immunization level, herd immunity can help us utilize resources more effectively.
  • 13. Definitions
        R0 = the basic reproduction number: the estimated number of secondary infections that a contagious disease can cause
        S = the proportion of susceptible/unvaccinated individuals in a population: S = 1 minus the proportion of vaccinated individuals
        HI = Herd Immunity threshold: the percentage of immune individuals
  • 14. The Math: In order for a disease not to die off, each infected individual must be able to infect at least one other individual. Mathematically, this means that:
        R0 x S = 1
    The Herd Immunity threshold (percentage immune) plus the percentage of susceptible individuals must equal 1:
        HI + S = 1
  • 15. The Math: If HI + S = 1, then S = (1 – HI). If R0 x S = 1, then you can substitute (1 – HI) for S, which gives:
        R0 x (1 – HI) = 1
    Which transforms to:
        HI = 1 – 1/R0
  • 16. The Math – an example: Assume that R0 = 7. Then:
        HI = 1 – 1/R0 = 1 – 1/7 = 1 – 0.143 = 0.857, or ~86%
  • 17. Results: Assumption: Immunization is 100% effective
  • 18. Results [Chart: Required Coverage Rate – 100% Effectiveness]
  • 19. Results: You can also account for a vaccine that is less than 100% effective. In this case, you must adjust S by some number. If S = 10% and HI = 90%, assuming 100% vaccine effectiveness, then, at 90% effectiveness:
        HI = 90% x 90% = 81%
    And
        S = 100% – 81% = 19%
  • 20. The Math – an example: In this scenario, a 10 percentage point drop in effectiveness means that the susceptible population has almost doubled, from 10% to 19%. This also means that R0, the effective reach of the disease, will almost double, from 5 to 10.
  • 21. Summary: The individuals in the population are well mixed, i.e., there are no concentrations of susceptible individuals. The infection spreads by means of contagion, from person to person, entity to entity, etc. The infection has a finite ability to infect others. The math: HI = 1 – 1/R0
  • 22. Summary: We have covered the easy part.
  • 23. Summary: Now, for the hard part
  • 24. Application to Infosec: Which kinds of “infections” are contagious, i.e., they spread laterally, from machine or user to machine or user? Do viruses, worms, and malware have a finite ability to infect, or do they just keep pounding away, looking for a way to spread?
  • 25. Application to Infosec – Use Cases: Endpoint Security; Patching; Custom Software; Legacy Systems
  • 26. How would we measure success? What metrics could we implement in order to understand success and failure? How do we estimate R0 in a computing environment? What kinds of controlled experiments might we design?
  • 27. Thank You! Patrick Florer 214.828.1172 patrick@riskcentricsecurity.com Risk Analysis for the 21st Century® Risk Centric Security, Inc. www.riskcentricsecurity.com
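
An added example, not part of the original deck: a small Python model of the arithmetic on slides 13–19 under the assumptions of slide 9, read as patch coverage for the patching use case on slide 25. It assumes each infected host makes exactly R0 contact attempts against uniformly chosen hosts and then stops, and that immunity equals coverage x effectiveness; the function names, host count and seed count are constructed for illustration.

```python
import random

def required_coverage(r0, effectiveness=1.0):
    """Coverage c such that c * effectiveness reaches HI = 1 - 1/R0.
    Returns None when even 100% coverage cannot reach the threshold."""
    hi = max(0.0, 1.0 - 1.0 / r0)
    c = hi / effectiveness
    return c if c <= 1.0 else None

def simulate_outbreak(n_hosts, r0, coverage, effectiveness=1.0, seeds=50, seed=1):
    """Well-mixed contagion with a finite reach. Returns (total_infected,
    observed_r); observed_r is secondary infections per seed host in the
    first generation, an empirical estimate of R0 x S."""
    rng = random.Random(seed)            # fixed seed so the run is repeatable
    p_immune = coverage * effectiveness  # slide 19: HI = coverage x effectiveness
    susceptible = [rng.random() >= p_immune for _ in range(n_hosts)]
    pool = [h for h in range(n_hosts) if susceptible[h]]
    current = rng.sample(pool, min(seeds, len(pool)))  # initially infected hosts
    for h in current:
        susceptible[h] = False
    total, n_seeds, first_gen = len(current), len(current), None
    while current:
        nxt = []
        for _ in range(len(current) * r0):   # r0 contacts per infected host
            target = rng.randrange(n_hosts)
            if susceptible[target]:          # contacts with immune hosts are wasted
                susceptible[target] = False
                nxt.append(target)
        if first_gen is None:
            first_gen = len(nxt)
        total += len(nxt)
        current = nxt
    observed_r = first_gen / n_seeds if n_seeds else 0.0
    return total, observed_r

if __name__ == "__main__":
    R0, N = 7, 10_000  # R0 = 7 as in the deck's worked example; N is constructed
    print(f"threshold at 100% effectiveness: {required_coverage(R0):.3f}")
    print(f"coverage needed at 90% effectiveness: {required_coverage(R0, 0.9):.3f}")
    for cov, eff in [(0.50, 1.0), (0.90, 0.9), (0.95, 1.0)]:
        total, r_obs = simulate_outbreak(N, R0, cov, eff)
        print(f"coverage={cov:.0%} eff={eff:.0%} infected={total} observed R={r_obs:.2f}")
```

At R0 = 7, 90% coverage with a 90% effective patch leaves 19% of hosts susceptible, more than the 1/7 the threshold allows, so the simulated outbreak still grows. The first-generation ratio is one way to approach slide 26's question of estimating R0 from observed spread.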