Educause Security Discussion mailing list archives
Cost!
From: "Murphy, James" <JCMurphy () UNCH UNC EDU>
Date: Wed, 16 Jun 2004 09:31:25 -0400
Does anyone have any current or recent documentation on the cost of the *lack* of adequate information security, or pointers to papers that describe the cost? I'm especially looking for the negative costs - down time or idle time (equating to lost work time), lost data/information, bad press or reputation damage, etc. I know that some of these are difficult to specify an exact dollar amount, but I am trying to get some general ideas. I will certainly be scanning websites - SANS, CERT, etc., but I would not be surprised that this community has tons of resources at its collective fingertips! Thanks in advance, Jim James C. Murphy, MSIS, CISSP, GSEC Information Security Analyst UNC Health Care System 211 Friday Center Drive, Suite 2091 Chapel Hill, NC 27517 ph: 919.843.0358 fx: 919.966.1053 jcmurphy () unch unc edu ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.