0.0 Introduction to Security
(Page 2 of 5)
Security Costs can be Quantified and Given a Positive ROI
While more on this matter is discussed in the legal chapter, the Secure Business Quarterly7 reports, Results demonstrate that efficient gains greater than 3 percent are realized when introducing appropriate security. The quantifiable benefits are decreased maintenance costs and obvious savings due to the reduction of successful attacks.
If the functional ROI is not a motivator for you, consider the legal ramifications. Not taking prudent security measures will vary in outcome, depending on your industry. If you are lucky, you will be explaining this as a lesson learned while interviewing for your next job. If you happen to work in an industry8 that requires not only security, but also filing a Suspicious Activity Report (SAR) and you fail to do so, you may not have to worry about finding a new job. The Federal government could be providing you a job, along with food, shelter and clothing for a long time in the Iron Bar hotel.
Now that 2004 is here the legal issues are even larger. As Ken Kousky of IP3 Seminars9 points out, the Sarbanes-Oxley Act of 200210 requires full financial disclosure. Liabilities must be quantified. And there are only two ways to handle liability: out-source it (buy insurance) or your are self-insuring, and you must carry that cost on your books.
Ken also has an interesting perspective on how to greatly reduce the liability side of security issues to improve the balance sheet.
Lets continue our high-level view by considering the next important point.
7. Volume One, Issue Two: http://www.sbq.com/sbq/rosi/sbq_rosi_efficiencies.pdf
8. 12 CFR Part 21: Minimum Security Devices and Procedures, Reports of Suspicious Activities, and Bank Secrecy Act Compliance Program (http://www.occ.treas.gov/fr/cfrparts/12CFR21.htm)
Home - Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.