Musings on Information Security

This Month

Month Archive

January 2007
December 2006
November 2006
October 2006
September 2006

Main Page

Photos

Simplified Security: Security 101

Quotable security quotes

BS7799

Guest Column

Interview

Secure Personal Computing

Security Awareness Training

Good Security Customer

Security Initiative

security

RSS Newsfeeds

Main Page RSS

This work is licensed under a Creative Commons Attribution 2.5 License.

Main Page

« November 27 | December 03 »

Thursday, November 30

ROI of Security the debate continues..

by RaviC on Thu 30 Nov 2006 08:28 PM PST

Dr. Chuvakin has an interesting post about the ROI of security. This is what he says:

"First, bear with me since I am still trying to build a coherent picture of security ROI for myself from all the diverse sources of info, some as smart as Pete Lindstrom :-) In general, I am leaning towards "there is no ROI for security; there are only cost savings."

I could not agree with him any less. You have a step throat and being concerned about it, you decide to go to a doctor. The doctor treats you and you pay for the service. The doctor tells you that the doctor's service provided you ROI - you were cured in 3 days without the doctor's service it would have taken 7 days, thus adding 4 additional days for your productivity.