Herd Immunity – Does this concept from Immunology have relevance for Information Security?
Upcoming SlideShare
Loading in...5
×
 

Herd Immunity – Does this concept from Immunology have relevance for Information Security?

on

  • 171 views

Herd immunity (or community immunity) describes a form of immunity that occurs when the vaccination of a significant portion of a population (or herd) provides a measure of protection for individuals ...

Herd immunity (or community immunity) describes a form of immunity that occurs when the vaccination of a significant portion of a population (or herd) provides a measure of protection for individuals who have not developed immunity.

Is this a useful concept for Risk Analysis in Information Security?

Where does this concept fail to address important issues in Information Security?

Statistics

Views

Total Views
171
Views on SlideShare
171
Embed Views
0

Actions

Likes
0
Downloads
1
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Herd Immunity – Does this concept from Immunology have relevance for Information Security? Herd Immunity – Does this concept from Immunology have relevance for Information Security? Presentation Transcript

  • Herd Immunity – Does this concept from Immunology have relevance for Information Security? Risk Analysis for the 21st Century® Patrick Florer Risk Centric Security, Inc. www.riskcentricsecurity.com
  • Bio Patrick Florer has worked in information technology for 34 years. In addition, he worked a parallel track in medical outcomes research, analysis, and the creation of evidence-based guidelines for medical treatment. His roles have included IT operations, programming, and systems analysis. From 1986 until now, he has worked as an independent consultant, helping customers with strategic development, analytics, risk analysis, and decision analysis. He is a cofounder of Risk Centric Security and currently serves as Chief Technology Officer. In addition, he is a Fellow of the Ponemon Institute. Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • Agenda What is herd immunity? Why does it work? How can it help us when it does work? How does the arithmetic work? Discussion and Q & A Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • Once upon a time … . Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • Why the Blind Men and the Elephant? Be open – avoid jumping to conclusions. Be skeptical – don’t believe everything you see or hear. This is a work in progress and I appreciate your input. Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • Medicine and Information Security Viruses Worms Infections Immunization Inoculation Monoculture Base rates Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • What is Herd Immunity? “Herd immunity (or community immunity) describes a form of immunity that occurs when the vaccination of a significant portion of a population (or herd) provides a measure of protection for individuals who have not developed immunity. Herd immunity theory proposes that, in contagious diseases that are transmitted from individual to individual, chains of infection are likely to be disrupted when large numbers of a population are immune or less susceptible to the disease. The greater the proportion of individuals who are resistant, the smaller the probability that a susceptible individual will come into contact with an infectious individual.” From wikipedia.com Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • What is Herd Immunity? “Vaccination acts as a sort of firebreak or firewall in the spread of the disease, slowing or preventing further transmission of the disease to others. Unvaccinated individuals are indirectly protected by vaccinated individuals, as the latter are less likely to contract and transmit the disease between infected and susceptible individuals.” “Herd immunity generally applies only to diseases that are contagious. It does not apply to diseases such as tetanus (which is infectious, but is not contagious), where the vaccine protects only the vaccinated person from disease.” From wikipedia.com Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • Assumptions The individuals in the population are well mixed – i.e.: there are no concentrations of susceptible individuals. The infection spreads by means of contagion – from person to person, entity to entity, etc. The infection has a finite ability to infect others. Immunization is 100% effective. Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • Herd Immunity Thresholds Estimated Herd Immunity thresholds for vaccine preventable diseases Disease Transmission R0 Herd immunity threshold Diphtheria Saliva 6–7 85% Measles Airborne 12–18 92–94% Mumps Airborne droplet 4–7 75–86% Pertussis Airborne droplet 12–17 92–94% Polio Fecal-oral route 5–7 80–86% Rubella Airborne droplet 5–7 80–85% Smallpox Social contact 6–7 83–85% R0 is the basic reproduction number, or the average number of secondary infectious cases that are produced by a single index case in completely susceptible population. From wikipedia.com Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • Why does it work? No contagious disease has an infinite capability to infect. Sooner or later, the disease runs its course, its infection chain is broken, or something shuts it down. Immunization reduces the probability that an infected person will come in contact with a susceptible person. Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • How does it help us when it works? Unless small or circumscribed in some way, it is almost impossible to immunize every member of a population. Some members of a population cannot tolerate immunization. It can be very expensive to immunize every member of a population. By giving us an estimate of a threshold immunization level, herd immunity can help us utilize resources more effectively. Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • Definitions R0 – the basic Reproduction number: the estimated number of secondary infections that a contagious disease can cause S = the proportion of susceptible/unvaccinated individuals in a population: S = 1 minus proportion of vaccinated individuals HI = Herd Immunity threshold – percentage of immune individuals Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • The Math In order for a disease not to die off, each infected individual must be able to infect at least one other individual. Mathematically, this means that: R0 x S = 1 The Herd Immunity threshold (percentage immune) plus the percentage of susceptible individuals must =1 HI + S = 1 Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • The Math If Then HI + S = 1 S = (1 – HI) If R0 x S = 1 Then you can substitute (1 – HI) for S, which gives: R0 x (1 – HI)= 1 Which transforms to: HI = 1 – 1/ R0 Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • The Math – an example Assume that : R0 =7 HI = 1 – 1 / R0 =1–1/7 = 1 - .143 = 0.85.7 or ~ 86% Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • Results Assumption: Immunization is 100% effective Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • Results Required Coverage Rate – 100% Effectiveness 100% 90% 80% 70% 60% 50% 40% 30% 20% 10% 0% 0 10 20 30 40 50 Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved. 60 70 80 90 100
  • Results You can also account for a vaccine that is less than 100% effective. In this case, you must adjust S by some number. If S = 10% and HI = 90%, assuming 100% vaccine effectiveness, then, at 90% effectiveness: HI = 90% x 90% = 81% S = 100% - 81% = 19% And Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • The Math – an example In this scenario, a 10 percentage point drop in effectiveness means that the susceptible population has almost doubled, from 10% to 19%. This also means that R0, the effective reach (R0)of the disease will almost double, from 5 to 10. Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • Summary The individuals in the population are well mixed – i.e.: there are no concentrations of susceptible individuals. The infection spreads by means of contagion – from person to person, entity to entity, etc. The infection has a finite ability to infect others. The math: HI = 1 – 1/ R0 Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • Summary We have covered the easy part. Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • Summary Now, for the hard part Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • Application to Infosec Which kinds of “infections” are contagious – i.e.: they spread laterally, from machine or user to machine or user? Do viruses, worms, and malware have a finite ability to infect, or do they just keep pounding away, looking for a way to spread? Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • Application to Infosec – Use Cases Endpoint Security Patching Custom Software Legacy Systems Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • How would we measure success? What metrics could we implement in order to understand success and failure? How do we estimate R0 in a computing environment? What kinds of controlled experiments might we design? Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.
  • Thank You! Patrick Florer 214.828.1172 patrick@riskcentricsecurity.com Risk Analysis for the 21st Century® Risk Centric Security, Inc. www.riskcentricsecurity.com Risk Centric Security, Inc. Confidential and Proprietary . Copyright © 2013 Risk Centric Security, Inc . All rights reserved.