RE: Value of IDS, ROI

• Previous message: Jason Patel: "Re: Value of IDS, ROI"
• Maybe in reply to: Jason Patel: "Value of IDS, ROI"
• Next in thread: Chris Byrd: "Re: Value of IDS, ROI"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 5 May 2005 01:51:10 -0700
To: <focus-ids@securityfocus.com>

Jason,

I've come up against this several times. There is absolutely no way to
show ROI on IDS. You can, however, look at it, and show it, from your
own prospective. I find myself asking CXOs "How much is your company's
reputation worth? Would it survive if the public found out it had been
hacked? How many payroll hours would it take to undo the damage?" That
usually hits home.

John

-----Original Message-----
From: Jason Patel [mailto:patel1210@yahoo.com]
Sent: Tuesday, May 03, 2005 11:15 AM
To: focus-ids@securityfocus.com
Subject: Value of IDS, ROI

I was wondering how big companies CIO show their executives Return of
investment on IDS. What is the monitoring strategy for IDS alerts. I am
trying to figure monitoring strategy and how to show my executive that
how important job this is, but cant come up with a convincing solution.
Anyhelp is highly appreciated.

Thanks,

Jason

------------------------------------------------------------------------

--
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
--
--------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------

• Previous message: Jason Patel: "Re: Value of IDS, ROI"
• Maybe in reply to: Jason Patel: "Value of IDS, ROI"
• Next in thread: Chris Byrd: "Re: Value of IDS, ROI"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Value of IDS, ROI ... ROI in the operational risk arena. ... >>and possibly capable of showing a positive ROI, I wouldn't say that an IDS ... >>Your CIO should ultimately be concerned in preventing attacks, ... >>CORE IMPACT. ... (Focus-IDS) RE: Value of IDS, ROI ... ROI can and should be calculated in the acquisition of any security ... solution, INCLUDING IDS. ... A company calculating the costs from a previous worm ... (Focus-IDS) RE: Value of IDS, ROI ... and possibly capable of showing a positive ROI, I wouldn't say that an IDS ... What is the ROI of a carbon monoxide alarm? ... Your CIO should ultimately be concerned in preventing attacks, ... (Focus-IDS) RE: Value of IDS, ROI ... you can get ROI in two ways: ... management world. ... To cite an opinion piece about the IT Security cost center's ability to ... Subject: Value of IDS, ROI ... (Focus-IDS) Re: Value of IDS, ROI ... ROI question: Security investments should be lumped into the insurance ... >and possibly capable of showing a positive ROI, I wouldn't say that an IDS ... >Your CIO should ultimately be concerned in preventing attacks, ... (Focus-IDS)