Standardizing Breach Incident Reporting: Introduction of a Key for Hierarchical Classification

Organizations maintaining information want to understand how to protect it and to do so in a way that will be the most effective. In the US, most states have passed laws requiring notification of breaches, without specifying any particular requirements with respect to the cause-either root or proximate. In earlier research we proposed a hierarchical taxonomy by which we can classify breaches by proximate cause based on publicly available information that is both accurate and as precise as the data will allow. Our analysis showed statistically significant correlations between breach type and some industries. In the present work, we discuss the use of a key to improve consistency in the classification of breaches with our taxonomy. We find that the key achieves its objective of increasing consistent classification of breaches, but that challenges remain in the use of unstructured data apparently designed primarily to assure the public that no particular harm has come as a result of the breach.