Educause Security Discussion mailing list archives

Cost!

From: "Murphy, James" <JCMurphy () UNCH UNC EDU>
Date: Wed, 16 Jun 2004 09:31:25 -0400

Does anyone have any current or recent documentation on the cost of the
*lack* of adequate information security, or pointers to papers that describe
the cost?  I'm especially looking for the negative costs - down time or idle
time (equating to lost work time), lost data/information, bad press or
reputation damage, etc.  I know that some of these are difficult to specify
an exact dollar amount, but I am trying to get some general ideas.  I will
certainly be scanning websites - SANS, CERT, etc., but I would not be
surprised that this community has tons of resources at its collective
fingertips!

Thanks in advance,

Jim

James C. Murphy, MSIS, CISSP, GSEC
Information Security Analyst
UNC Health Care System
211 Friday Center Drive, Suite 2091
Chapel Hill, NC 27517
ph: 919.843.0358  fx: 919.966.1053
jcmurphy () unch unc edu



**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.

Current thread:

Cost! Murphy, James (Jun 16)
- <Possible follow-ups>
- Re: Cost! Tim Platt (Jun 16)
- Re: Cost! Murphy, James (Jun 16)
- Re: Cost! Lois Lehman (Jun 16)
- Re: Cost! Dewitt Latimer (Jun 16)
- Re: Cost! Eli Dart (Jun 16)
- Re: Cost! Professor George Davida (Jun 17)
- Re: Cost! Murphy, James (Jun 17)