Herd Immunity – Does this concept from Immunology have relevance for Information Security?

Herd Immunity – Does this concept
from Immunology have relevance for
Information Security?

Risk Analysis for the 21st Century®

Patrick Florer
Risk Centric Security, Inc.
www.riskcentricsecurity.com

Bio
Patrick Florer has worked in information technology
for 34 years. In addition, he worked a parallel track
in medical outcomes research, analysis, and the
creation of evidence-based guidelines for medical
treatment. His roles have included IT operations,
programming, and systems analysis. From 1986 until
now, he has worked as an independent
consultant, helping customers with strategic
development, analytics, risk analysis, and decision
analysis. He is a cofounder of Risk Centric Security
and currently serves as Chief Technology Officer. In
addition, he is a Fellow of the Ponemon Institute.
Risk Centric Security, Inc. Confidential and Proprietary .
Copyright © 2013 Risk Centric Security, Inc . All rights reserved.

Agenda
What is herd immunity?
Why does it work?
How can it help us when it does work?
How does the arithmetic work?
Discussion and Q & A


Once upon a time …
.


Why the Blind Men and the Elephant?
Be open – avoid jumping to conclusions.

Be skeptical – don’t believe everything you see or
hear.

This is a work in progress and I appreciate your
input.


Medicine and Information Security
Viruses
Worms
Infections
Immunization
Inoculation
Monoculture
Base rates


What is Herd Immunity?
“Herd immunity (or community immunity) describes a form of
immunity that occurs when the vaccination of a significant
portion of a population (or herd) provides a measure of
protection for individuals who have not developed immunity.
Herd immunity theory proposes that, in contagious diseases
that are transmitted from individual to individual, chains of
infection are likely to be disrupted when large numbers of a
population are immune or less susceptible to the disease. The
greater the proportion of individuals who are resistant, the
smaller the probability that a susceptible individual will come
into contact with an infectious individual.”
From wikipedia.com


What is Herd Immunity?
“Vaccination acts as a sort of firebreak or firewall in the
spread of the disease, slowing or preventing further
transmission of the disease to others. Unvaccinated
individuals are indirectly protected by vaccinated individuals,
as the latter are less likely to contract and transmit the
disease between infected and susceptible individuals.”
“Herd immunity generally applies only to diseases that are
contagious. It does not apply to diseases such as tetanus
(which is infectious, but is not contagious), where the vaccine
protects only the vaccinated person from disease.”
From wikipedia.com


Assumptions
The individuals in the population are well mixed –
i.e.: there are no concentrations of susceptible
individuals.
The infection spreads by means of contagion –
from person to person, entity to entity, etc.
The infection has a finite ability to infect others.
Immunization is 100% effective.

Herd Immunity Thresholds
Estimated Herd Immunity thresholds for vaccine preventable diseases
Disease

Transmission

R0

Herd immunity threshold

Diphtheria

Saliva

6–7

85%

Measles

Airborne

12–18

92–94%

Mumps

Airborne droplet

4–7

75–86%

Pertussis

Airborne droplet

12–17

92–94%

Polio

Fecal-oral route

5–7

80–86%

Rubella

Airborne droplet

5–7

80–85%

Smallpox

Social contact

6–7

83–85%

R0 is the basic reproduction number, or the average number of secondary infectious cases that are produced by a single
index case in completely susceptible population.

From wikipedia.com


Why does it work?
No contagious disease has an infinite capability to
infect. Sooner or later, the disease runs its course,
its infection chain is broken, or something shuts it
down.
Immunization reduces the probability that an
infected person will come in contact with a
susceptible person.


How does it help us when it works?
Unless small or circumscribed in some way, it is
almost impossible to immunize every member of a
population.
Some members of a population cannot tolerate
immunization.
It can be very expensive to immunize every
member of a population.
By giving us an estimate of a threshold
immunization level, herd immunity can help us
utilize resources more effectively.

Definitions
R0 – the basic Reproduction number: the
estimated number of secondary infections that a
contagious disease can cause
S = the proportion of susceptible/unvaccinated
individuals in a population:
S = 1 minus proportion of vaccinated individuals
HI = Herd Immunity threshold – percentage of
immune individuals

The Math
In order for a disease not to die off, each infected
individual must be able to infect at least one other
individual. Mathematically, this means that:
R0 x S = 1
The Herd Immunity threshold (percentage immune)
plus the percentage of susceptible individuals must
=1
HI + S = 1


The Math
If
Then

HI + S = 1
S = (1 – HI)

If

R0 x S = 1

Then you can substitute (1 – HI) for S, which gives:
R0 x (1 – HI)= 1
Which transforms to:
HI = 1 – 1/ R0

The Math – an example
Assume that :
R0

=7

HI

= 1 – 1 / R0
=1–1/7
= 1 - .143
= 0.85.7 or ~ 86%


Results
Assumption: Immunization is 100% effective


Results
Required Coverage Rate – 100% Effectiveness
100%
90%
80%
70%
60%
50%
40%
30%
20%
10%
0%
0

10

20

30

40

50


60

70

80

90

100

Results
You can also account for a vaccine that is less
than 100% effective. In this case, you must adjust S
by some number.
If S = 10% and HI = 90%, assuming 100% vaccine
effectiveness, then, at 90% effectiveness:
HI

= 90% x 90%
= 81%

S

= 100% - 81%
= 19%

And


The Math – an example
In this scenario, a 10 percentage point drop in
effectiveness means that the susceptible
population has almost doubled, from 10% to 19%.
This also means that R0, the effective reach (R0)of
the disease will almost double, from 5 to 10.


Summary
The individuals in the population are well mixed –
i.e.: there are no concentrations of susceptible
individuals.
The infection spreads by means of contagion –
from person to person, entity to entity, etc.
The infection has a finite ability to infect others.
The math:

HI = 1 – 1/ R0


Summary

We have covered the easy part.


Summary

Now, for the hard part


Application to Infosec
Which kinds of “infections” are contagious – i.e.:
they spread laterally, from machine or user to
machine or user?
Do viruses, worms, and malware have a finite
ability to infect, or do they just keep pounding
away, looking for a way to spread?


Application to Infosec – Use Cases
Endpoint Security
Patching
Custom Software
Legacy Systems


How would we measure success?
What metrics could we implement in order to
understand success and failure?
How do we estimate R0 in a computing
environment?
What kinds of controlled experiments might we
design?


Thank You!

Patrick Florer
214.828.1172
patrick@riskcentricsecurity.com

Risk Analysis for the 21st Century®

Risk Centric Security, Inc.
www.riskcentricsecurity.com


Herd Immunity – Does this concept from Immunology have relevance for Information Security?

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Herd Immunity – Does this concept from Immunology have relevance for Information Security?

Similar to Herd Immunity – Does this concept from Immunology have relevance for Information Security? (20)

More from Patrick Florer

More from Patrick Florer (6)

Recently uploaded

Recently uploaded (20)

Herd Immunity – Does this concept from Immunology have relevance for Information Security?