Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Wednesday, March 03, 2004

Business Thrives on Dangerous Roads

Forrester offers some sensible security advice: put systems in place that will help you to understand and analyze events, to respond to them efficiently and effectively, and to recover quickly because bad things will happen, no matter what you do.  However, to try and eliminate every exposure will be very costly, and probably impossible.

The better approach is to take some risks, and focus on your core mission: doing business efficiently and aggressively in the competitive marketplace.  One of the risks of doing business while connected to the Internet is that bad things will happen occasionally.

Your organization may be one of the unlucky few that suffers a loss of personally identifiable information such as customer names and credit card numbers.  Even during the worst moments of the Blaster or Slammer attacks, the companies and government agencies with the best event management programs suffered little.

The 100th dollar you spend has less relative impact than the 1st.  Therefore, it is not the size of your security budget that matters, but the effectiveness and efficiency of your security choices.  It is very tempting to buy products or services because you are afraid of the next security vulnerability.

Success lies in not over-spending on security nor making the security architecture so complex and extensive that it cannot be managed efficiently.

More info:

Posted on 03/03