Hard Data Is Good to Find

Several agencies and information researchers continue to gather data that are required to create indices of information security threats and solutions. The Anti-Phishing Working Group is one of these agencies that collects phishing data, taking April, 2005 as the base. Four measures, such as the number of phishing reports, phishing sites, malware variants, and malware sites are considered to collect such data. Commtouch is a company that provides antispam and virus outbreak protection, using November 2005 as the base point for preparing such indices. The National Vulnerability Database publishes a regular number that is a priority-weighted sum of the significant vulnerabilities that information technology security operations staff need to address. The combined presentation of the four indices helps in gathering information about different kinds of security challenges and their solutions.