'I am not a numero!': assessing global security threat levels

Late last year Gartner analyst Greg Young wrote a blog post about the varying worldwide security threat levels as indicated in vendor online threat centres. He pointed out that, since global vendors are likely to detect the same active threats, they should post the same threat levels. However, vendors use different scale factors with conditions ranging from one to four or levels ranging from one to nine. Other vendors do not even provide threat levels on their public websites - possibly because they are providing details directly to their enterprise users or because they have no precise way of assigning public levels. Sadly, the threat level posting is proving to be more of a marketing add-on than a tool for security awareness.
Threat level is not just a number. This paper exposes the computation and logic behind threat levels and covers the three different security threat categories (virus/spyware, spam and vulnerabilities) that are different in nature. It will also touch on the complex formula affecting current threat levels. After all, the security community needs a standard way of assigning threat levels so it is transparent and helpful to end users.


Late last year Gartner analyst Greg Young wrote a blog post about the varying worldwide security threat levels as indicated in vendor online threat centres. He pointed out that, since global vendors are likely to detect the same active threats, they should post the same threat levels. However, vendors use different scale factors with conditions ranging from one to four or levels ranging from one to nine. Other vendors do not even provide threat levels on their public websites - possibly because they are providing details directly to their enterprise users or because they have no precise way of assigning public levels. Sadly, the threat level posting is proving to be more of a marketing add-on than a tool for security awareness.
Threat level is not just a number. This paper exposes the computation and logic behind threat levels and covers the three different security threat categories (virus/spyware, spam and vulnerabilities) that are different in nature. It will also touch on the complex formula affecting current threat levels. After all, the security community needs a standard way of assigning threat levels so it is transparent and helpful to end users.

References

Virus Bulletin Conference 2009