(Originally published on my blog)

While doing some work around the SolarWinds hacks, I realized that there’s just no simple triage scale that we in the industry can use to simply and succinctly characterize the severity of hacks.

This is my proposal for a simple scale to enable simple but meaningful comparisons of the severity of hacks.

Since the most important thing in hacks is the spread and severity, the cancer staging system gives a good model for measuring these kinds of things so this is adapted from that.

  • Stage 0: The attackers have found or made an entry point…

Christopher Budd

Security and privacy professional. Making Awful News Just Bad™ Since 2001.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store