IDS mailing list archives

Re: Recent anti-NIDS Gartner article

From: Michael Sierchio <kudzu () tenebras com>
Date: Wed, 18 Jun 2003 10:57:30 -0700

Jim Butterworth wrote:

I think an IDS is a lot like an insurance policy.  Think of it like
this, it in theory, is a great solution to the growing information
security threats and trends.  But an IDS is not a panacea.  It is not
something that can fairly be measured for ROI.  How do you justify ROI
every month when you pay auto insurance and never ever have an accident?
What about the deductible that you have to pay anyway when you need to
make a claim?   All's I can say to that is, when you need it, it'd
better be good coverage!


This is an apt analogy, but risk managers and accountants do have
quantitative ROI models for insurance, etc. -- this is how tolerance
for risk and value of assets drive what level of protection is worth
what price.

I'll repeat my previous claim, somewhat obscured by my facetious
tone, that the real meaning of Gartner's posturing is an attempt
to reclaim credibility in the face of their own history of hype
during the dot com bubble.  They claim that their hype cycle doo-wah
is valuable for accurately valuing technology companies.  Astute
readers will not be taken in -- they're still selling something.

A meta-question:  how can you tell when you're getting good advice?

Cheers,

Michael Sierchio

--

"Well," Brahma said, "even after ten thousand explanations, a fool is no
 wiser, but an intelligent man requires only two thousand five hundred."
                - The Mahabharata


-------------------------------------------------------------------------------

Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas, theworld's premier technical IT security event! 10 tracks, 15 training sessions,1,800 delegates from 30 nations including all of the top experts, from CSO's to"underground" security specialists. See for yourself what the buzz is about!Early-bird registration ends July 3. This event will sell out. www.blackhat.com

-------------------------------------------------------------------------------

Current thread:

Recent anti-NIDS Gartner article Ron Gula (Jun 17)
- RE: Recent anti-NIDS Gartner article Mike Blomgren (Jun 17)
  - Re: Recent anti-NIDS Gartner article Stephen Samuel (Jun 18)
- Re: Recent anti-NIDS Gartner article nyec (Jun 17)
- Re: Recent anti-NIDS Gartner article Stephen P. Berry (Jun 18)
- <Possible follow-ups>
- RE: Recent anti-NIDS Gartner article Reverman, Peter C (Jun 17)
  - RE: Recent anti-NIDS Gartner article - BruteForce Security Robert J. Mehler (Jun 17)
    - Recent anti-NIDS Gartner article Srinivasa Rao Addepalli (Jun 18)
  - RE: Recent anti-NIDS Gartner article Jim Butterworth (Jun 18)
    - Re: Recent anti-NIDS Gartner article Michael Sierchio (Jun 18)
- Re: Recent anti-NIDS Gartner article Srinivasa Rao Addepalli (Jun 18)
  - Re: Recent anti-NIDS Gartner article Stephen Samuel (Jun 19)
    - Re: Recent anti-NIDS Gartner article Srinivasa Rao Addepalli (Jun 22)
  - RE: Recent anti-NIDS Gartner article Jim Butterworth (Jun 19)
- RE: Recent anti-NIDS Gartner article Hall, Andrew (DPRS) (Jun 19)
  - RE: Recent anti-NIDS Gartner article Paul Benedek (Jun 22)
- Re: Recent anti-NIDS Gartner article Richard Ginski (Jun 19)