Headwall Security
  • Home
  • Thought and comments
  • Security Awareness Survey
  • Resources
  • PCI
  • webmail

economics

8/2/2011

1 Comment

 
I have been talking with others and doing a lot of thinking about infosec and economics as of late. When you read reports such as the Verizon Breach report or talk to security professionals they will tell you that the motivators behind attacks today is largely economic. They will tell you we are no longer are seeing the script kiddie out trying to make a name for himself but that the world of hackers is dominated by cyber gangs and nation states motivated by economics and politics. My question today is focused around this very point. If they can see the economic value in security why can't industry? 

I understand that it may be an inverse correlation. For the attacker they are working with a business model where they may be selling a product such as compromised systems or stolen assets. For industry that inverse value should compute to a significant tangible value. How do you show the CFO's of the world that there is a definable value to recovered CPU cycles or to data that does not walk out the front door. These may be abstract values but placing a value to these abstract tangibles is an important challenge for the security professional. The attackers have been able to accomplish this task. They have been able to take the CPU cycles that they are stealing and find a way to sell them. We need to find a way to sell the CPU cycles that we are recovering and sell them back to the CFO's of our companies.

When we can stop working to compliance and stop relying on regulations to set the values of these items and find a way to correlate dollar values to the data and assets that we protect then we will be more effective at motivating our senior administrators to back security.
1 Comment

    Ian Burke

    I have been doing information assurance and security work for many years with a focus on network security monitoring and incident handling. I have been working in IT for more than fifteen years with a focus on architecture and systems.

    My lovely wife and I spend time with our five kids at our home in the North East.

    Archives

    June 2018
    February 2013
    May 2012
    August 2011
    July 2011
    June 2011
    May 2011
    April 2011
    March 2011
    February 2011

    Categories

    All

    RSS Feed

Powered by Create your own unique website with customizable templates.