Educause Security Discussion mailing list archives
Re: Security team and budget
From: David Seidl <dseidl () ND EDU>
Date: Tue, 1 Mar 2016 13:45:58 -0500
Theresa, Here are some major items that I've seen as security cost drivers: - IDS/IPS - Threat insight/advanced anti-malware tools (related to IDS/IPS, but aimed at APT and similar issues) - Layered firewalls - SIEM - Vulnerability management - Awareness programs - Forensic capabilities - Compliance efforts - PCI, export controls, and others - Endpoint security, including BYOD and desktop/laptop/mobile device tools - Encryption and other data security items The big network devices and SIEM systems tend to have major outlays and reasonably large ongoing support costs that scale with the size of the pipe you're protecting. Datacenter security tends to cost quite a bit too, as that bandwidth if often bigger than campus borders And a few others that are sometimes related, depending on organizational design: - eDiscovery tools and support - Identity related tools like auditing and monitoring systems - Patch management / version management Finally, this recent SANS Reading Room article seems useful as a way to think about trends and where you are spending your security budget dollars: https://www.sans.org/reading-room/whitepapers/leadership/security-spending-trends-36697 Page 12 was the big impact page for me. David David Seidl Senior Director of Campus Technology Services dseidl () nd edu | 574-631-7305 On Tue, Mar 1, 2016 at 12:56 PM, Theresa Rowe <rowe () oakland edu> wrote:
Hi, After a recent security audit, the auditor suggested that the security budget, inclusive of staffing, was underfunded. Using Gartner and other data, for a university our size, the suggested budget was around $500,000 to $700,000. We are at 45-55% of that amount. At first I thought a major difference would be what we spend on staff; there are two staff members on the team. But when I go to Educause Core Data, and compare our Carnegie class and a created group of identified peers, 2 is the size of the team. This makes me wonder what we are not buying in our security budget. We have AV, logging (hosted Splunk), and the usual stuff, or so I thought. Would anyone be willing to share details about what is included in their security budget? Thanks in advance - -- Theresa Rowe Chief Information Officer Oakland University
Current thread:
- Security team and budget Theresa Rowe (Mar 01)
- Re: Security team and budget Akbari, Amir (Mar 01)
- Re: Security team and budget David Seidl (Mar 01)
- Re: Security team and budget Youngquist, Jason R. (Mar 02)
- Re: Security team and budget Theresa Rowe (Mar 02)
- Re: Security team and budget Hugh Burley (Mar 02)
- Re: Security team and budget Theresa Rowe (Mar 03)
- <Possible follow-ups>
- Re: Security team and budget dsarazen (Mar 02)
- Re: Security team and budget Spahr, Todd M. (Mar 02)
- Re: Security team and budget dsarazen (Mar 03)