IDS mailing list archives
RE: Value of IDS, ROI
From: Federico Lombardo <root () grandistazioni it>
Date: 11 May 2005 08:27:08 -0000
Hi all, I'm terribly sorry for this type of quoting, but It's the only way I can manage from my pocketpc. For first I think that ROI is a wrong economic indicator to manage and maybe justify your budgeting operations or investments in IT Security. When using approaches based on economic indicator we must use the appropriate ones. ROI, for me, is too simple and discrediting for analyzing an IDS/IPS based investments. The reason is quite simple; I know that this is a techical list and not an economic one, but I'll try to explain as simple as I can. The ROI doesn't analyze two important things when calculating this kind of investment: 1) price of the invested money 2) THE RISK OF THE INVESTMENT. Furthermore we must understand that IDS/IPS rarely are used to "CREATE BUSINESS" in a company non-it but profit-oriented, they're usually made for countermeasure and/or forensic analisys. So another IMPORTANT point of view consist in discriminating TWO kind of companies: 1) which use IDS/IPS for CREATING MONEY; such as security consultants or IT Security based enterprises 2) which user IDS/IPS as an "addendum" to the company' IT Services making them "better" Another important concept is that IDS, is a "semi-intangible object". Is easier for us to calculate the ROI for a Server or for a Switch, they are "physical", so, for example, I introduce the "New-Server" in my scenario and the better velocity may be the real-reason that justify my investment. It's difficult to say the same thing for an IDS/IPS. For these we usually listen an investment reason such as "if we don't use and IDS/IPS our network in danger" So from here, only a good risk analisys can justify the investment, not the IDS Product. So the only theory applicable, as soon as I know, for this king of investment is the "VALUE ADDED THEORY". In an accounting analytics manners we maybe use the "payback period" as the only arithmetical indicator. The economic indicators that better explain the ROSI (Return on Security Investment) are the financial ones, not the arithmetical ones. So, for first, in the "VALUE ADDED THEORY" we can begin to "think" using these indicator: + discounted cash flow analysis (DFC) + net present value (NPV) Net Present Value best tie the investment decision to the company objectives, for IT-Secyurity enterprises. NPV furthermore, is able to compare different investments of the same kind. So, on the same way we can discuss the BEST ECONOMIC INDICATOR for these kinds of investments the EVA [TM Stern Stewart & Co]. EVA is a Performance indicator, It explains the effectiveness of the invested money or the "super-yeld" procuced using the risk capital. Applying it to an entire company or a single Organization/production Unit, is simple to understood how and when an investment add or destroy value. EVA = NOPAT Capital charge NOPAT = net operating profit after taxes These is my 5 Cent, please don't blame me for this brain storming, any opinions will be appreciated, don't esitate to contact me in private way :-) Best Regard Lombardo Federico, IT Security Grandi Stazioni S.p.A. Italy -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
Current thread:
- Re: Value of IDS, ROI, (continued)
- Re: Value of IDS, ROI Vladimir Vuksan (May 03)
- Re: Value of IDS, ROI Bamm Visscher (May 04)
- RE: Value of IDS, ROI Eric Hines (May 06)
- Re: Value of IDS, ROI Bamm Visscher (May 06)
- RE: Value of IDS, ROI Pete Lindstrom (May 06)
- RE: Value of IDS, ROI Eric Hines (May 06)
- Re: Value of IDS, ROI Bob Huber (May 03)
- RE: Value of IDS, ROI Angel L Rivera (May 04)
- Re: Value of IDS, ROI Jason Patel (May 06)
- RE: Value of IDS, ROI John Forristel (SunGard-Chico) (May 06)
- Re: Value of IDS, ROI Chris Byrd (May 06)
- RE: Value of IDS, ROI Federico Lombardo (May 11)
- RE: Value of IDS, ROI THolman (May 19)
- RE: Value of IDS, ROI Justin . Ross (May 28)
- Re: Value of IDS, ROI Jonathan Glass (May 31)
- RE: Value of IDS, ROI Justin . Ross (May 28)