Re: Re: ROI on IDS/IPS products

["Ray" <rpesek () hotmail com>]

Here's one of my favorite bookmarks: 
http://www.encryptionreports.com/downld_process_cob_2007.html

Ray

"Brandon Louder" <Brandon.Louder () mckennan org> wrote in message 
news:5C9069F9D829B74F939BE103DF9BFF3080B701 () MCK116 averamail net...
I am interested in that Ponemon figure and how they derived it. Do you
have any links to a white paper or anything with any details?

-Brandon

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Ray
Sent: Saturday, February 28, 2009 4:21 PM
To: focus-ids () securityfocus com
Subject: Re: ROI on IDS/IPS products

Bingo. Just ask Kaspersky what they would pay for having had an IPS
product
installed (or a web application firewall) that could stop SQL Injection
the
day before they got breached and their reputation took a big hit.

If you get breached and have to notify the people whose information you
lost, Ponemon figures it's about $200 a record now. The good news is
that if
you get breached repeatedly, your cost per record goes down. :-)

Ray
"Jeff Kell" <jeff-kell () utc edu> wrote in message
news:49A8304C.5070506 () utc edu...
> "The day before a breach, the ROI is zero. The day after, it is
> infinite."  -- Dennis Hoffman, RSA







-----------------------------------------
Confidentiality Notice: This e-mail message, including any attachments, is 
for the sole use of the intended recipient(s) and may contain confidential 
and privileged information. Any unauthorized review, use, disclosure, or 
distribution is prohibited. If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.