Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Management
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: how to calculate ROI for vulnerability detection and removal

from [Anton Aylward CISSP CISA] Network Security [Permanent Link]
Subject: RE: how to calculate ROI for vulnerability detection and removal
Date: Mon, 29 Sep 2003 20:26:45 -0600

KC has a good point but we should also note:

  * We're talking about LOSS AVOIDANCE

Most governments MANDATE insurance as a pre-requisite for auto
insurance.  Most banks MANDATE house insurance as a pre-requisite for a
mortgage.  They know that most people don't believe the statistics and
take a "it will never happen to me" attitude.

But then casino owners and lottery owners know their statistics better
and the fact that sch places are immensely popular just proves that most
people don't.  Heck, most people still seem to think that if the wheel
has some up nine times on red they should bet on black because the
chance of a run of ten reds is over 1000:1.

A friend of mine calls lotteries "stupidity tax".
Some people bemoan that they live in a place where they have to lock
their doors when they go out. 

*sigh*


On Mon, 2003-09-29 at 09:56, Smith, KC wrote:
> I agree that it should.
>
> I suppose that the analogy may be too much of a stretch for some.
>
> Just about everyone has grown up with locks on their doors and windows, but until relatively recently security (other than locking the equipment in a room) wasn't even a thought on computers. 

>
> It may simply be a matter of changing habits and we all know how difficult that can be.
>
> KC Smith
--
It's more fun than a barrel of existentialists. -- Dianne Wilson

>From - Mon Jan 1 00:00:00 1965 X-Mozilla-Status: 0000 X-Mozilla-Status2: 00000000 From: "Benj
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • RE: how to calculate ROI for vulnerability detection and removal, Anton Aylward CISSP CISA <=
Previous by Date:  RE: Security Officer Performance Goals, Thompson, Jimi
Next by Date:  IT Security Awareness program, Mai Dashti
Previous by Thread:  RE: Security Officer Performance Goals, Thompson, Jimi
Next by Thread:  IT Security Awareness program, Mai Dashti
Indexes:  [Date] [Thread] [Top] [All Lists]