Security Basics mailing list archives
Re: Compliance Is Wasted Money, Study Finds
From: Mike Hale <eyeronic.design () gmail com>
Date: Wed, 21 Apr 2010 14:44:35 -0700
I actually disagree with the conclusions presented by this paper. I'm in the process of writing up a more thorough explanation, but my main issue lies with their key finding on compliance spending. According to the paper, roughly 40% is spend on directly securing secrets, and another 40% is spent on compliance of some type. They further suggest that half of this compliance spending is spent on internal compliance, and half on regulatory/external compliance. Internal security policies are designed to protect the network and the companys data. Therefore, reason would dictate that spending on internal compliance is money spent on securing your secrets (a fraction of that spending, anyway). Is it unreasonable to assume that half of money spent on compliance with internal policies postively affects security of your data? I find the findings completely flawed. Am I missing something? -- 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0 ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Compliance Is Wasted Money, Study Finds Ivan . (Apr 06)
- Re: Compliance Is Wasted Money, Study Finds Bert Knabe (Apr 06)
- Re: Compliance Is Wasted Money, Study Finds Doug Farre (Apr 12)
- Re: Compliance Is Wasted Money, Study Finds Bert Knabe (Apr 12)
- Re: Compliance Is Wasted Money, Study Finds Doug Farre (Apr 12)
- Message not available
- Message not available
- Re: [Full-disclosure] Compliance Is Wasted Money, Study Finds Tracy Reed (Apr 12)
- Re: [Full-disclosure] Compliance Is Wasted Money, Study Finds Valdis . Kletnieks (Apr 12)
- Message not available
- Re: Compliance Is Wasted Money, Study Finds Bert Knabe (Apr 06)
- Re: Compliance Is Wasted Money, Study Finds Mike Hale (Apr 26)
- Re: [Full-disclosure] Compliance Is Wasted Money, Study Finds Valdis . Kletnieks (Apr 26)
- Message not available
- Re: [Full-disclosure] Compliance Is Wasted Money, Study Finds Mike Hale (Apr 26)
- Message not available
- Message not available
- Message not available
- Re: [Full-disclosure] Compliance Is Wasted Money, Study Finds Mike Hale (Apr 26)
- Message not available
- Message not available
- Message not available
- Re: [Full-disclosure] Compliance Is Wasted Money, Study Finds Stephen Mullins (Apr 26)
- Re: [Full-disclosure] Compliance Is Wasted Money, Study Finds Mike Hale (Apr 26)
- Message not available
- Re: [Full-disclosure] Compliance Is Wasted Money, Study Finds Mike Hale (Apr 26)