IDS mailing list archives
Re: Is IDS/IPS worthless?
From: George Capehart <gwc () acm org>
Date: Tue, 2 Mar 2004 18:21:26 -0500
On Thursday 26 February 2004 04:11 am, Stefano Zanero wrote: <snip>
Right. Security investment can be managed and evaluated with the same approach as business insurances. Does an insurance produce ROI ? No, it doesn't, but it lowers the risk to that ROI.
<snip>
These are the questions that managers ask themselves when evaluating, for instance, wether they can afford insurance against theft, or they are willing to throw the money to phisical security, or both, or if they are more willing to cover the eventual cost of theft itself instead. Whenever anyone talks about ROI in security investment, you should raise an eyebrow (Gartner reports, anyone ?).
Yes. Information security is part of an organization's risk management process. The "closest-to-home" illustration of that is the certification and accreditation process. "ROI in Security Investement" is a red herring. Either an organization manages its risk or it doesn't. The "ROI" is the catalogue of risks the organization elects to manage (as opposed to those accepted as residual risk). #include std_riskmanagement_rant.h Cheers, George Capehart -- George W. Capehart Key fingerprint: 3145 104D 9579 26DA DBC7 CDD0 9AE1 8C9C DD70 34EA "Does getiud(2) halt the spawning of child processes?" -- Unknown from a very old fortune cookie file --------------------------------------------------------------------------- Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN, wireless security Protect your network against hackers, viruses, spam and other risks with Astaro Security Linux, the comprehensive security solution that combines six applications in one software solution for ease of use and lower total cost of ownership. Download your free trial at http://www.securityfocus.com/sponsor/Astaro_focus-ids_040301 ---------------------------------------------------------------------------
Current thread:
- Re: Is IDS/IPS worthless? George Capehart (Mar 02)