-
-
-
BlogInfoSec.com Sponsors
-
-
BlogInfoSec.com Partners
-
Tag Archives: ROI
Nastier at NASDAQ and the ROI of Security
April 25, 2011 – 6:00 am
–
Here is a correction to “Nastiness at NASDAQ” BlogInfoSec, March 7, 2011. The first sentence of the second paragraph should read “From my particular perspective, the most disturbing aspect of the incident, as reported, is that either NASDAQ staff or law enforcement apparently do NOT know…
$1000: Apply for Gordon Prize in Managing Cybersecurity Resources
November 10, 2008 – 6:00 am
–
As part of the University of Maryland’s Great Expectation’s Campaign, Dr. Lawrence Gordon endowed a prize for the best essay in Managing Cybersecurity Resources. Dr. Gordon has been very generous with his time in answering questions regarding on information security economics for…
A Return to ROSI: The Economics of Security
May 23, 2008 – 6:00 am
–
It has been interesting to observe that two posts on ROSI (return on security investment) have been on this web site’s most popular list for more than a month. And it is further of interest in that the two posts take somewhat opposing views, which is actually quite representative of the…
Building an Access Control Framework (pt. 1)
April 16, 2008 – 6:00 am
–
From what I have seen of Identity Management tools, they are more about management than identity, which is fine, once you have solved the the challenge of effectively identifying all the users of your sensitive data. But, slick as they can be, an IdM tool may only automate your existing…
ROSI: Security Returns?
March 10, 2008 – 6:01 am
–
Two of the more controversial topics in information security are return on security investment (or ROSI) and the related subject of security metrics. I will talk to ROSI in this column and metrics in the next one.
There are a number of opponents to the ROSI approach. One is Jos Pols who, in his…