IDS: Re: Value of IDS, ROI

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

IDS mailing list archives

Re: Value of IDS, ROI

From: Jason Patel <patel1210 () yahoo com>
Date: 5 May 2005 05:38:52 -0000

In-Reply-To: <274928505050406444d459315 () mail gmail com>

This is great information. I thank all for your reply. 

Jason

Message-ID: <274928505050406444d459315 () mail gmail com>
Date: Wed, 4 May 2005 08:44:18 -0500
From: Bamm Visscher <bamm.visscher () gmail com>
Reply-To: Bamm Visscher <bamm.visscher () gmail com>
To: Jason Patel <patel1210 () yahoo com>
Subject: Re: Value of IDS, ROI
Cc: focus-ids () securityfocus com
In-Reply-To: <20050503181519.31414.qmail () www securityfocus com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
References: <20050503181519.31414.qmail () www securityfocus com>

There is no calculating ROI for security (including IDS) [0]. A CIO
should be able to understand that. Security is about mitigating loss,
much like insurance. You should focus on explaining how your IDS
implementation will help protect the investment your company has made
in IT. An IDS should provide early warnings of a compromise and other
security events. It will also help you quickly determine the scope of
the event, escalate the activity to the correct departments, and the
data gathered will make the remediation effort more efficient.

Bammkkkk

[0] http://taosecurity.blogspot.com/2004/04/calculating-security-roi-is-was=
te-of.html

On 3 May 2005 18:15:19 -0000, Jason Patel <patel1210 () yahoo com> wrote:

=20
=20
I was wondering how big companies CIO show their executives Return of inv=

estment on IDS. What is the monitoring strategy for IDS alerts. I am trying=
to figure monitoring strategy and how to show my executive that how import=
ant job this is, but cant come up with a convincing solution. Anyhelp is hi=
ghly appreciated.

=20
Thanks,
=20
Jason
=20
-------------------------------------------------------------------------=

Test Your IDS
=20
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
-------------------------------------------------------------------------=

=20
=20



--=20
sguil - The Analyst Console for NSM
http://sguil.sf.net

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------


--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------

By Date By Thread

Current thread:

RE: Value of IDS, ROI, (continued)
- Re: Value of IDS, ROI Bob Huber (May 03)
  - RE: Value of IDS, ROI Angel L Rivera (May 04)
- Re: Value of IDS, ROI Jason Patel (May 06)
- RE: Value of IDS, ROI John Forristel (SunGard-Chico) (May 06)
- Re: Value of IDS, ROI Chris Byrd (May 06)
- RE: Value of IDS, ROI Federico Lombardo (May 11)
- RE: Value of IDS, ROI THolman (May 19)
  - RE: Value of IDS, ROI Justin . Ross (May 28)