The True Cost of a Security Infraction
The risks you will encounter must be considered when you are evaluating
the resources that you want to dedicate to your enterprise security.
What does an infraction mean to businesses?
• Revenue loss
• Trust loss of customers, shareholders, employees, partners
• Intellectual property loss
• Financial fraud
• Pricing and financial documentation disclosures
• Alteration of customer records
The Computer Security Institute (CSI) has estimated the likelihood
that an infraction may occur. This institution has also estimated
the financial costs of various security infractions: the average
cost of an infraction is over $2 million. A detailed list of
infractions and losses is as follows:
|Infraction|Average Company Loss|Percent of Companies*|
|---|---|---|
|Denial of Service| | |
|Theft of Proprietary Info| | |
According to the CSI, the cost of these infractions will increase as hackers become more skilled. The most recent development is the integration of "hacker-trend" deeds into viruses such as Nimda and Code Red.
Depending on how severe the security infraction is, the cost of remediation should also be considered. If, for example, the Nimda virus affects a business, the average cost of remediation, which includes productivity effects and network-engineering time, is estimated at $70,000+.
The cost of responding to the appropriate authorities and internet service providers in the case of an infraction, as well as the cost of formal communication, must also be considered. CERT and the FBI should be notified, especially of suspicious and malicious activity.
The Value of Outsourcing
Companies are now turning to outsourcing to address their security requirements. By outsourcing your enterprise security strategy and implementation, you not only save time and money but also ensure a non-biased security solution.
The main value for a business in out-tasking lies in financial gains. We can save more than 50% in the implementation cost over your in-house IT solution.
One cannot ignore the fact that changes in the security industry take place not by the hour, but by the second. Your IT staff cannot take care of your daily routines and security architecture simultaneously.