RE: How does and IDS help to save money??

From: Andrew Lamb (alamb@lucidic.net)
Date: 04/15/02


Date: Mon, 15 Apr 2002 11:53:57 -0700
From: "Andrew Lamb" <alamb@lucidic.net>
To: <focus-ids@securityfocus.com>, Shripal Meghani <maegabyte@yahoo.com>

Now I haven't worked as an IT person for any length of time for significant pay, but I'm pretty sure others will agree with me on what I am going to say (either that or I am completely naive).

You can go about judging the value of an IDS system by the amount of attacks it provides true positives towards (as opposed to false positives, which are not valuable) which aid your organization's security. Likewise, you can also measure how much average fixed and variable cost you save by factoring how many attacks were thwarted by monitoring an IDS (remember, an IDS will not prevent attacks by itself, it merely notices them; there should be technologies such as firewalls and antivirus software to augment the IDS) and calculating how much marginal costs would have been, were these attacks not prevented ($10,000 lost because you're eCommerce site went down for 15 minutes?). But estimating these costs brings me to my next point, that return on investment is not a fixed, readily tangible number, nor is totall cost of ownership. These depend on what your company does, how the IDS are implemented (running on NT or something will be more expensive, I promise), etc. etc.

So rather than look for some magic numbers, I say do the analysis, and base your decision on those factors, not what other companies with completely different need bases and levels of security.

---------- Original Message ----------------------------------
From: Shripal Meghani <maegabyte@yahoo.com>
Date: Sun, 14 Apr 2002 23:34:12 -0700 (PDT)

>Hi all,
>My company (assume XYZ) is in the middle of taking
>some decisions regarding security measures in the
>organisation. We have seen some vendors' IDSes. But
>the question that keep hitting us is
>1) how does one judge the value of an IDS in the
>network?
>2) How does it help in saving money? (over say
>something like a firewall)
>3) What is the ROI on purchasing an IDS
>4) And what is the TCO for the same
>
>I would appreciate some figures... some money related
>discussions rather than technical details, etc (have
>seen enough of those). It should make some sense to
>the "white collars" :)
>
>
>
>___________________________________________________________
>Sent by ePrompter, the premier email notification
>software.
>Free download at http://www.ePrompter.com.
>
>__________________________________________________
>Do You Yahoo!?
>Yahoo! Tax Center - online filing with TurboTax
>http://taxes.yahoo.com/
>

__________________________________________________
D O T E A S Y - "Join the web hosting revolution!"
             http://www.doteasy.com



Relevant Pages

  • How does and IDS help to save money??
    ... We have seen some vendors' IDSes. ... How does it help in saving money? ... What is the ROI on purchasing an IDS ... Do You Yahoo!? ...
    (Focus-IDS)
  • Re: How does an IDS help to save money??
    ... One other point - IDS should ... augment the firewall - network IDS to intercept unwanted ... >>2) How does it help in saving money? ... >>Do You Yahoo!? ...
    (Focus-IDS)
  • Re: IE Disinformation bar woes
    ... Evidently the security settings used ... emails at yahoo is sure to realize this. ... of the browser and logs into yahoo on one, ...
    (microsoft.public.windowsxp.security_admin)
  • RE: IDS and Spywares
    ... > a network based security control has better visibility than a host based ... Just as we do in IDS and network traffic analysis. ... > made spyware, or trojan, or any other kind of malware where you can install ...
    (Focus-IDS)
  • RE: Recommending an IDS system
    ... Not trying to make this a Cisco commercial, but I too am very satisfied with Cisco. ... We implemented an IDSM2, sensor device, and Cisco Security Agent for Host Intrusion Prevention. ... Subject: Recommending an IDS system ...
    (Security-Basics)