Educause Security Discussion mailing list archives

Re: Cost!

From: "Murphy, James" <JCMurphy () UNCH UNC EDU>
Date: Thu, 17 Jun 2004 10:59:50 -0400

Lack of adequate and appropriate spending on technology security has always
been a concern, especially when comparisons like George's are brought out.
I am sensing that it is approaching a critical point and may require a sea
change in the way information is managed in the future.  I think there is a
great deal of ignorance among the purse-holders (not to forget all the
people down the hallway!!), and perhaps a good dose of naivete and taking
the powerful technology that is evolving under their noses for granted.

I honestly think that when more of the hidden costs of the unattended risks
are disclosed, it will bring an awareness that the existing practices of
information and technology management simply cannot be continued, though we
all know that we have no assurance that the purse-holders will get the
picture.  The trouble is that though security knowledge is growing apace
with the threats, current security practices are increasingly inadequate,
and those hidden costs may begin to surface at more and more embarassing
times.  Simply staying "current" means losing ground!

I get the sense that most of the participants in this listserv understand
this already, and I don't really think I am saying anything new in this
email.  I do have some ideas and models that I will be bringing out in the
near future hopefully to enhance the case we are trying to make.

Thanks for the discussion and feedback!!

Jim

James C. Murphy, MSIS, CISSP, GSEC
Information Security Analyst
UNC Health Care System
211 Friday Center Drive, Suite 2091
Chapel Hill, NC 27517
ph: 919.843.0358  fx: 919.966.1053
jcmurphy () unch unc edu



-----Original Message-----
From: Professor George Davida [mailto:davida () CSD UWM EDU]
Sent: Thursday, June 17, 2004 10:17 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Cost!


If one were to prioritize spending, how much do they spend
on security vs executive compensation? or on lavish
trips
Far more meaningful comparison than coffee
After all, these folks get increases and golden parachutes
regardless of how poorly the co does in either profits
or security lapses

George Davida

**********
Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.

Current thread:

Cost! Murphy, James (Jun 16)
- <Possible follow-ups>
- Re: Cost! Tim Platt (Jun 16)
- Re: Cost! Murphy, James (Jun 16)
- Re: Cost! Lois Lehman (Jun 16)
- Re: Cost! Dewitt Latimer (Jun 16)
- Re: Cost! Eli Dart (Jun 16)
- Re: Cost! Professor George Davida (Jun 17)
- Re: Cost! Murphy, James (Jun 17)