Skip to main content

The WiKID Blog

Viewing posts tagged Security and Economics

How-to-get-an-unlimited-information-security

In the past, I have blogged about how much to budget for info sec, how information security creates value for a company, and other posts designed to help info sec personnel make their case. Well, now I have decided that that is all bunk compared to the advice I am about to give. The new tactic: Bribery.

determining-an-appropriate-cost-of-capital-for-an

In my first post, I discussed the short-comings of ROI as an analysis tool for information security projects because it doesn't include a cost of capital. Using a cap rate will increase the accuracy of your analysis, but how do you come up with a good cap rate?

How-much-to-spend-on-data-breach-protection

In a previous post, I discussed how much to spend on information security based on Gordon & Loeb's book Managing Cybersecurity Resources: A Cost-Benefit Analysis. The crux: spend no more than 37% of your expected loss.

risk-and-effectiveness-for-project-evaluation

Gunnar Peterson has a post from Metricon about Bryan Ware's presentation about combining the effectiveness of a solution and the risk involved. I couldn't find the link to the actualy presentation. (I didn't have the time to go through them all.)

I think I would tie the effectiveness of the proposed security solution to the cost of capital of the overall project. It would be interesting to tie Bryan's work with my "work" on estimating the cost of capital for an information security project.

spire-on-low-frequency-high-impact-events

Compare this Spire Security post to my previous post about hedge fund risks to see who has the better sense of humor.

Recent Posts

Archive

2024
2022
2021
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom