Blog Posts Tagged with "ROI"

0edff2c451ca736450f0872ef3e00314

Driving ROI from Threat Intelligence & Security Operations

December 14, 2016 Added by:Meny Har

Security operations teams can no longer afford the time lost with threat intelligence operating in a separate silo. Only by truly weaving TI into the core security fabric and workflow can it lead to accelerating threat mitigation.

Comments  (0)

C492d23f3758cf5cdee0b35b74cc36f1

How to Calculate ROI and Justify Your Cybersecurity Budget

December 18, 2015 Added by:Ilia Kolochenko

If you speak with management about money – speak their language and you will definitely get what you need.

Comments  (0)

65c1700fde3e9a94cc060a7e3777287c

Information Security: Why Bother?

December 09, 2012 Added by:Simon Moffatt

The question, often raised as a bargaining tool, is often focused on the, ‘well I understand what you propose and I know it will increase the security of scenario X, but why should I do it?’. In honesty, it is a good question...

Comments  (3)

65c1700fde3e9a94cc060a7e3777287c

Preventative -v- Detective Security

December 02, 2012 Added by:Simon Moffatt

Security has several issues from a proactive implementation perspective. Like anything, a detailed return on investment, including both tangible and non-tangible benefits, is required...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Security ROI "Death Spiral"

November 18, 2012 Added by:Rafal Los

The worst thing that can happen to a CISO is to get trapped in the ROI Death Spiral. I know, I know, we’ve all been told that we need to justify cost, manage expense, use the tools our companies provide us, etc. CISOs that don’t play by the rules won’t get anywhere...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Your Next Critical Security Project May Not Be What You Think

October 23, 2012 Added by:Rafal Los

If we're honest with ourselves, we can look around the organization and find several projects that even though they are implementation-complete, are hardly "complete" as they sit. Too often after a catastrophic failure, or security incident we're pre-disposed to making hasty purchases to effectively stop the bleeding...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Enterprise Security: Being Your Own Worst Enemy

August 30, 2012 Added by:Rafal Los

Enterprise security organizations can be their own worst enemies. Security is largely disconnected from the business, largely dependent on technology, and unable to be anything more than a cost center... and it seems like the more we rant and wave our arms the deeper the hole gets...

Comments  (0)

Bd623fa766512fdf6b57db66f522b741

About Antivirus, Security Awareness, Security Usability...

July 21, 2012 Added by:Ali-Reza Anghaie

No matter how many times it's warned against, most Security professionals use themselves and their contemporaries as the basis for what's "right". And as security becomes higher profile with more incidents it really starts looking like instead of having cynical contempt for the users, it's more like plain excuses...

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Security: It’s All About (Human) Networking...

July 15, 2012 Added by:Tripwire Inc

Want to add layers, or change your defense in depth approach? Your Information Systems team is just the beginning. What business unit will you impact? How will they be impacted, and when is the optimum time to do this? Depending on scope, this could even ripple through your business continuity program...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Patchwork Cloud: To Rent or Buy Your Cloud?

June 27, 2012 Added by:Rafal Los

One cloud does not fit all. Your cloud should be customized to fit your business. I believe that if you're going to have a cloud strategy you need to have a pragmatic approach which has you doing your due diligence, proper risk analysis, and understanding your cloud vendor...

Comments  (0)

Ba47ee356d05807f7e87764f6d3f7e12

Booth Babe Challenge: Show Me the Money

June 18, 2012 Added by:Michelle Klinger

The general consensus regarding whether booth babes are appropriate is a resounding NO, yet vendors still find it necessary to use this strategy. Even amidst complaints by conference attendees & public mocking on social media sites, vendors stick to their marketing guns and bust out the busty femaninas...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Disclosures: The Vulnerability of Publicly Traded Companies

June 12, 2012 Added by:Fergal Glynn

What we’ve been lacking is quantitative information that helps inform the debate around application security. We want to use this data to shape the conversation around application security so that our attention gets focused on the right things and our investments get made in the right areas...

Comments  (1)

0a8cae998f9c51e3b3c0ccbaddf521aa

Why Does Software Security Keep Falling off your Budget?

May 22, 2012 Added by:Rafal Los

Approximately 3 out of 4 attacks against your enterprise or organization come at your applications. Whether it's at your website, at the mobile app you've deployed, or your enterprise API - you're being attacked where the lowest defenses are - the application...

Comments  (0)

C787d4daae33f0e155e00c614f07b0ee

CISO 2.0: Enterprise Umpire or Wide Receiver?

May 21, 2012 Added by:Robb Reck

In security, our challenge to demonstrate to the business that the money they invest in us goes further than just keeping us out of the newspaper. Security can deliver tangible benefits out to the business. An effective security program can reduce the costs of creating products...

Comments  (2)

C787d4daae33f0e155e00c614f07b0ee

Making Security Metrics That Matter

April 22, 2012 Added by:Robb Reck

The traditional role of security in the organization has been that of a cost-center to be minimized. Security’s success has historically been defined by internally developed measures. We work to create best-practice metrics that show how mature the security program is...

Comments  (2)

0a8cae998f9c51e3b3c0ccbaddf521aa

On the Value of Security Conferences

April 19, 2012 Added by:Rafal Los

What's interesting is the question of business value. Management sends employees to 'security conferences' to learn something and bring it back to the organization. But what value do the ever-increasing number of security conferences provide as stand-alone events?

Comments  (1)

Page « < 1 - 2 - 3 > »
Most Liked