IDS mailing list archives
Re: Is IDS/IPS worthless?
From: Stefano Zanero <stefano.zanero () ieee org>
Date: Thu, 26 Feb 2004 10:11:06 +0100
Mike Lyman wrote:
On Fri, 2004-02-20 at 10:31, Andrew Plato wrote:So this speaker then challenged me to come up with verifiable metrics. I replied that he would have to define what metrics he wants? What does he consider a "viable metric" for performance. He said "did they sell more products, make more money?" I replied "why is that the only metric thatStandard security ROI question when security doesn't have an ROI unless you're selling security. Do locks on the doors help you sell more product (unless you sell locks) or sprinkler heads in the ceilings helpyou make more money?
Right. Security investment can be managed and evaluated with the same approach as business insurances. Does an insurance produce ROI ? No, it doesn't, but it lowers the risk to that ROI.
Would you prefer a return of 500$ with a risk of, say, 10%, or a return of 5000$ with a 90% risk of becoming 0 ? It probably depends on your investment and your conditions.
These are the questions that managers ask themselves when evaluating, for instance, wether they can afford insurance against theft, or they are willing to throw the money to phisical security, or both, or if they are more willing to cover the eventual cost of theft itself instead.
Whenever anyone talks about ROI in security investment, you should raise an eyebrow (Gartner reports, anyone ?).
-- Cordialmente, Stefano Zanero --------------------------------------------------------------------------- ---------------------------------------------------------------------------
Current thread:
- Is IDS/IPS worthless? Andrew Plato (Feb 20)
- Re: Is IDS/IPS worthless? Mike Lyman (Feb 23)
- RE: Is IDS/IPS worthless? Fergus Brooks (Feb 23)
- Re: Is IDS/IPS worthless? Stefano Zanero (Feb 26)
- Re: Is IDS/IPS worthless? Josh Tolley (Feb 23)
- Re: Is IDS/IPS worthless? Konrad Rieck (Feb 23)
- RE: Is IDS/IPS worthless? Brian Taylor (Feb 23)
- RE: Is IDS/IPS worthless? Fergus Brooks (Feb 23)
- RE: Is IDS/IPS worthless? Duston Sickler (Feb 24)
- RE: Is IDS/IPS worthless? Fergus Brooks (Feb 23)
- RE: Is IDS/IPS worthless? Omar Herrera (Feb 23)
- Re: Is IDS/IPS worthless? Michael Stone (Feb 23)
- Re: Is IDS/IPS worthless? Andy Cuff (Feb 23)
- Re: Is IDS/IPS worthless? Mike Hoskins (Feb 23)
- Re: Is IDS/IPS worthless? Olaf Gellert (Feb 23)
(Thread continues...)
- Re: Is IDS/IPS worthless? Mike Lyman (Feb 23)