Skip to main content

The WiKID Blog

Viewing posts from January, 2009

determining-an-appropriate-cost-of-capital-for-an

In my first post, I discussed the short-comings of ROI as an analysis tool for information security projects because it doesn't include a cost of capital. Using a cap rate will increase the accuracy of your analysis, but how do you come up with a good cap rate?

banks-need-strong-authentication-desparately

Forrester Research is urging banks to adopt additional security to fight phishing and other forms of fraud, including strong authentication.

features-and-functionality-for-consumer-acceptable

Anton Chuvakin posts a response to this post about the PayPal tokens. These posts point out a number of desired features for broad-based consumer roll-out of two-factor authentication, such as the hope for a single token to work everywhere. but fail to mention that token won't stop phishing (one of the commenters does point that out).

on-the-short-tenure-of-cisos-and-low-frequency

I came across this post which pointed to this article on how to hedge funds can write a series of naked puts on low-probability events and look like geniuses. I have equated this to the information security market before and I have pointed out other posts about low-frequency, high-impact events.

How-to-get-an-unlimited-information-security

In the past, I have blogged about how much to budget for info sec, how information security creates value for a company, and other posts designed to help info sec personnel make their case. Well, now I have decided that that is all bunk compared to the advice I am about to give. The new tactic: Bribery.

Recent Posts

Archive

2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom