Blog Posts Tagged with "ROSI"

9f19bdb2d175ba86949c352b0cb85572

The Infosec Investment Equation - Can You Solve It?

April 09, 2012 Added by:Neira Jones

Redundant measures always expose themselves very rapidly: they either don’t help you run your shop, or nobody around you is interested in them. So if you still have some of these, your job is to scrap them because it will save some time and resources to apply elsewhere...

Comments  (0)

595640009b9ff10ec4d781330e3a9a40

Why Infosec Forced Me to Get an MBA

January 31, 2012 Added by:Don Turnblade

How much did restoring, repairing, reimaging, improved firewall rules, down time, legal fines, or direct fraud cost per event? Asking what it is may be too close to that great low pressure system, and you do not need to be struck by lightning. I won't ask and you won't tell...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Getting Past Security's Fuzzy Math ROI

December 05, 2011 Added by:Rafal Los

It seems that we're using statistics, metrics, surveys and 'studies' to demonstrate what we can't otherwise adequately explain. That would be all well and good, if the math wasn't all fuzzy. Numbers can't fib, only the people that manipulate them can be accused of that trespass...

Comments  (0)

9259e8d30306ac2ef4c5dd1936e67634

Calculating the Return on Security Investment (ROSI)

June 20, 2011 Added by:Dejan Kosutic

Traditionally, "making sense" for management means that the revenues that will result from the investment will be larger than the total cost of investment. So what's the problem? The problem is, even if you can calculate the total cost, there are no revenues to be made from security...

Comments  (0)

9259e8d30306ac2ef4c5dd1936e67634

Return on Security Investment (ROSI) Calculator Launched

June 02, 2011 Added by:Dejan Kosutic

This is the most detailed ROSI Calculator that can be found on the Internet, and it aims to calculate as precisely as possible whether the potential decrease of security incidents (i.e. the risk mitigation) will outweigh the investment in security measures. It's completely free...

Comments  (0)

972cda1e62b72640cb7ac702714a115f

NPV and ROSI Part II: Accounting for Uncertainty in the ARO

May 11, 2011 Added by:Kurt Aubuchon

Running the simulation for multiple ARO (Annualized Rate of Occurrence), you find the ARO at which the model begins to produce a positive ROSI in a majority of the simulations. You can determine how frequently a breach has to happen before a security investment makes sense...

Comments  (0)