Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: The business/marketing of pen-testing.

from [Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]] Network Security [Permanent Link]
Subject: Re: The business/marketing of pen-testing.
Date: Tue, 02 Nov 2004 06:59:00 -0800
Small companies care about security. They just get sold on the "you need a CISCO and then you are safe".

RSA and other vendors are beginning to package their items in small firm bundles.

kingpang@gmail.com wrote:

In-Reply-To: <EA182BB3B632994AA3617BA6449634B69DAE0E@vetweb.vermeertexas.com>

Hi Aaron, Jeff and Randy,

I have a similar initiative to Aaron, but the difficulty I am facing (and 
probably Aaron too) is how to generate Sales. Security is different from other 
software solutions in a way that there is no easy-to-measure ROI.  The ROSI 
(Return on Security Investment) is an rather abstract approximation. (see 
http://www.microsoft.com/technet/security/guidance/secrisk/default.mspx for 
more information)

If we talk about target market, for small companies, they probably don't care 
about security.  For mid-size companies, they usually prefer training their 
developers to implement (easy) security features.  For large company, why would 
they trust our new and small company?

In my opinion, security is more about education.  Maybe it is worth starting up 
a computer security school instead.





--
http://www.sbslinks.com/really.htm
http://www.msmvps.com/bradley
https://www.ecora.com/ecora/jump/pm99.asp

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: TS/3389 risk on Internet, Todd Towles
Next by Date:  RE: SAP Pen-Test, Marc Heuse
Previous by Thread:  Re: The business/marketing of pen-testing., kingpang
Next by Thread:  RE: The business/marketing of pen-testing., Randy Golly
Indexes:  [Date] [Thread] [Top] [All Lists]