About Me

Archive

Archive

Read More

Corporate Blogs

Feeds & Podcasts

Meet the Bloggers

Archive

Tags

"McAfee FOCUS 12", "McAfee FOCUS 2012", #12scams, #changedmypassword, #ChatSTC, #McAfeeFOCUS, #MerryMcAfee, #MFETrivia, #MobileMyths, #SecChat, #SecurityLegos, #SecWebinar, #SextRegret, $1 million guarantee, .pre, 0 day vulnerability, 0day vulnerability, 1-day, 3DS, 3G, 3Rs, 12 Scams of Christmas, 49ers, 99 things, 419 scam, 2011 Threats Predictions, 2012, 2012 Gartner Magic Quadrant, 2012 London Olympics, 2012 Security Predictions, 2012 Virtual Sales Kickoff, 2013, 2013 predictions, 2013 threat predictions, 2013 threats, Aaron Swartz, Abbreviation, ABC, ABC News, Abu Dhabi, access to live fraud resolution agents, Accountability, Account hacked, Account Takeover Scams, Accredited Channel Engineer, ACE, ACE certification partner, ACE Incentive Rebate, ACH, Acquisition, ActionScript, addiction, addiction to Facebook, Adobe, Adobe Flash, Adobe Reader, adult entertainment, adult online content, advance-fee fraud, Advanced Persistent Threat, advanced persistent threats, Advanced Threat Defense, adware, AET, affiliate marketing schemes, Aishwarya Rai videos, Aitkin Creek Primary School, Aitkin Creek Primary School Craigieburn, alephzain, Alex Merton-McCann, Alex Thurber, All Access, AllAccess, AllAcess, Amazon, American jobs, Amitabh Bachchan dies, AMTSO, Amy Chua, analysis, and Data Loss Prevention, Android, Android/Chuli, Android/Chuli.A, Android/FakeToken, Android/FakeUpdates, Android/FkSite, Android/FkSite.A, Android/JobFraud, Android/NickiSpy, Android/OneClickFraud, Android/Smsilence, android antivirus, Android Bot analysis, Android Dropper, Android Exploit, Android Malware, Android Malware Analysis, Android Market, Android Mobile Malware, Android Rooting Exploit, Android security, android security app, Android slide, Android SMS broadcast, animation, anit-spam, Annual Channel Partner Satisfaction Survey, Annual Partner Survey, Anonymous, Anonymous Group, anti-malware, anti-phishing, anti-phishing phishing spam anti-spam anti-malware “identity theft” “computer security” scams firewall, anti-pshing, anti-spam, anti-spyware, anti-theft, anti-virus, anti-virus program pops up, Antievasion, antimalware, Antisec, antivirus, Antivirus software, AP, APIs, App Alert, AppContainer, Apple, Apple iOS, application blacklisting, application control, application developers, applications, application security, App Lock, AppLocker, app protection, apps, app safety, app security, app store, app stores, APSA13-02, APT, APTs, arrests, Arun Sabapathy, ASIC, Ask Toolbar, ASL, ASLR, ATM scams, ATM skimming, ATS, attack, attackers, attacks, Australia, Australian Government, authentication, AutoIt, automated clearing house, automated transaction server, automobile, automotive, Autorun, AutoRun malware, AV, AV-TEST.org, avatar, award, awards, AxizWorkgroup, Aylesbury, Backdoor, Backscript, Back To School, backup data, Backup Security, bad-reputation URLs, Bad Apps, BadNews Bug, balanced scorecard, bank accounts, bank fraud, banking, banking applications, banking fraud, banking trojan, banks, Barbara Coloroso, Barcelona, Barrett Brown, basic security protection, basic security software rates, batchwiper, Battle Hymn of the Tiger Mother, bCyberwise, Bec Spink, behavior-based detection, behaviour, Belarus, Bernie Madoff, best practices, beyond the PC, Big Data, big security data, bill collectors call for nonpayment, Bill Rancic, binaries, binary, Bing, Bin Laden Scams, Biological Computer, biometric authentication, biometrics, Bios, Bioskit, birthday greetings, Bitcoin, bittorrent, BlackBerry, Blackhat, Black Hat, black hat hackers, Blackhole Exploit Kit, Bloomberg, blue screen, Blue Toad, Bluetooth, Bollywood, BOM, bombings, book, bootkit, Boston Marathon, bot, botnet, botnets, bots, box.com, box.net, boyfriend, boys, brain power, Brazil, BRB, breach, breakup, breakups, Brent Sanders, Bring your own device, broker, browser, bueno, buffer overflow, bullying, Burger King, business continuity, businesses, Business IT, byod, C&C command bot, C&C communication, C&C Server, C-SAVE program, CA, CallWindowProcA, Cameron Diaz, Canada, canada online scams, Canadian celebrities, Canalys, CanSecWest, captain of football team, car hacking, case study, Cayman Islands, CD9, CDC, celebrities, celebrity, celebrity phone hack, Celebrity video in Facebook, cell phone, cell phones, certificate authority, certification, CES, CES 2013, Chainfire, chain mails, Chameleon, Change Control, change your password day, Channel Demand Generation Kit, channel partner, Channel Partners, Channel Partner Town Hall, Channel Program, Channels Town Hall, Channelwise Awards, Charity Phishing Scams, chat, chat rooms, check in, Checklist to keep teenagers safe online, child identity theft, child labour, children, children online safety, children safety online, child safety, Chile, China, Chinese, chris barton, Christian Morales, christmas, Christmas scams, christmas shopping, Christmas shopping concerns, Christmas shopping crimes, Chrome, chromebook, CIO Insomnia Project, Cisco, CISO, CISO Executive Summit, Citadel, Citrix, Civil War, class action lawsuit, classblogs, cleaning up, clickjacking, cloud, cloud-based, cloud-based collaboration, cloud application, cloud apps, cloud based application, Cloud city, Cloud computing, Cloud Expo, cloud security, Cloud Single Sign-On, Club Penguin, CMP, CNBC, CNN, code size, codes malveillants, Cofer Black, cold boot, collaboration, college students, Colombia, Command and Control, Commercial/SMB, Commercial and Enterprise Deal Registration, Communications and the Digital Economy, community service, complex, Compliance, Comprehensive Malware Protection, Compromised Sites, computer, computer issues, computer loss, computers, computer security, computer security protection, computer setup, computer support, computer theft, computerworld, conference, Conficker, conférence utilisateur, Connected Home, consolidation, Consumer, consumer internet users, consumerization, consumerization of IT, consumer mobile, consumer PCs, consumers, Consumer Security, consumer threat alert, Consumer Threat Notices, consumer threats, Consumer Threats Alert, Consumer Trends Report, content, Content Protection, content security, Continuing Education, control, cookies, Cool Exploit Kit, Cork, corporate data, corporate network, Corporate Responsibility, cost of losing your smartphone, counter identity theft, creating safe passwords, creating strong passwords, credit card fraud, credit card fraud and protection, credit card skimming, credit card thefts, credit fraud alerts, credit monitoring, credit monitoring and resolution, credit scores, crimeware, criminal hacking, critical infrastructure, CRN, cross-site scripting, CSP, CTO, Culture, cupcake, currency, customer data, customer service, Cutwail, CVE-2010-3333, CVE-2012-0158, CVE-2013-0422, CVE-2013-0633, CVE-2013-0634, CVE-2013-0640, CVE-2013-0641, CVE-2013-1493, CVE 2012-1535, CVE 2012-1723, CVE 2012-1889, CVE2013-0422, Cyber, cyber addiction, Cyberattack, cyber attack, cyber attacks, cyberattacks, cyberbullying, cyber bullying, Cyberbunker, cybercasing, Cybercrime, cybercrime, cybercriminal, cyber criminals, cybercriminals, Cybercrims, cybercrooks, Cyber Defence, Cyber Defence Center, Cyber Defense Symposium 2012, cyberdéfense, Cyber Ed, cybereducation, cyber education, cyberespionage, cyber ethics, cyber fraud, Cyber Insurance, Cyber Intelligence Sharing and Protection Act of 2011, cybermom, Cyber Monday, Cyber Monday shopping, cybermum, cyber mum, Cybermum India, Cyber risks, cybersafe, cybersafety, cyber safety for women, Cyber safety tips, cyber safety tips for women; International Women’s Day;security software;, Cyber savvy mom, cyber scams, cyberscams and identity theft, cyber schemers, cyber scrooges, cybersecurity, cyber security, cyber security awareness, cybersecurity concerns, Cyber Security Mom, cybersecurity mom, cyberspace, cybersquatter, cybersquatting, cyber stalking, cyberterrorists, cyber threat, cyberthreats, cyberwar, cyberwarfare, cyber warfare, cyercrooks, DAM, dangerous searches, Darkshell, DAT 6807/6808, data, Database, database activity monitoring, database security, data breach, data breaches, Datacenter, data center, data centers, Datacenter Security, data center security, Data Center Security Channel Kit, Data Center Security Channel Kit Guide, Data Classification, data governance, data loss, Data Loss Prevention, Data Protection, Data Protection Act, Data Protection Regulation, data theft, dating, dating scams, dating site, Dave DeWalt, Dave Marcus, David Small, DDoS, Deal Registration, decade of cybercrime, deceptive online promotions, decline, dedicated security appliances, Deep Command, DeepDefender, Deep Defender, Deepika Padukone, Deep parsing, DeepSAFE, DefCon, DefCon Kids, Defender 2013, Delete Virus, Delta Goodrem, democracy, denial of service, denied credit, Denmark, DEP, Department of Broadband, Department of Commerce, department of defense, depression, detection, development, device, Device Control, devices, dewalt, DEX, Dexter, digital age, digital assets, digital assets worth, Digital Certificates, digital devices, Digital divide, digital gadgets, digital life, digital life protection, digital music and movie report, digital natives, digital reputation, digital retail, digital security, distributed denial of service, distributor, DLP, Dmitri Alperovitch, dmp stealing, DNS, DNSChanger, DNS changer, DoCoMo 110 Dialer, DOD, dog breeders, dogs, Domain Generation Algorithm, Dorgbot Skype, Dorifel, DoS, DougaLeaker, download, downloader, downloaders, doxxing, drawing cyber lines, drive-by downloads, drivers licences, drivers license, drivers license identity theft, dropbox, Dubai, dumpster diving, Duqu, e-card scams, e-gold, e-mail id, earnings, easter, Easter scam, eBay, EBC, ecards, ecard spam, eCommerce, Ecuador, Edublogs, education, educational games, educators, Eelectric Vehicle, EFF, ELAM, elcomsoft, election, Electronic Medical Records, electronic voting, email, Email & Web Security, Email & Web Security, email accounts, email content security, Email Protection, emails, email scam, email scams, email security, email spoofing, email tracking service, embedded, embedded devices, Embedded Security, embedded security solutions, EMEA, Emerging Markets, Emerging Market Security, EMM, emma watson, emma watson pictures, empathy, employee policies, employment fraud, Employment Identity Theft Scams, encoding, encrypted text file, encryption, Encryption App, end-to-end security architecture, Enda Kenny, endpoint, Endpoint Protection, Endpoint Protection Advanced, Endpoint Security, Endpoint security suite upgrade, endpoint suites, energy, Enhanced Deal Registration, ENISA, enterprise, enterprise-grade DLP, enterprise firewall, enterprise mobility, enterprise resource planning, enterprise scurity, enterprise security, envy, Envy on Facebook:A Hidden Threat to Users’ Life Satisfaction?, epayment, ePHI, epo, ePO Deep Command, ePO DeepCommand, ePolicy Orchestrator, Epsilon, epsilon security breach, ERP, ESM, espionage, etiquette, EU, European teen research, EV, evasion, Evernote, evoting, Executive Briefing Center, Executive Briefing Centre, Exif, ex partners, exploit, Exploit-CVE2013-0422, Exploit-CVE2013-0422 Analysis, Exploit-Kits, Exploit Analysis, exploitation, Exploit for Android, exploiting real brand names, Exploit Kit, exploits, Exynos, Ezzidine Al-Qassam, facebook, Facebook clean up, Facebook friends, Facebook likes, Facebook photos, Facebook safety, Facebook Scam, Facebook Security, Facebook spam, Facebook Threat, Facial recongnition, factory reset, fake-av, fake alert, fake ant, fake anti-virus software, Fake AntiVirus, fake anti virus, Fake Anti Virus Scams, FAKEAV, fake emails, Fake Identity, fake installer, FakeRean, fake security software, fake software, fake system tool programs, faketoken, fake updates, fake websites, Fake YouTube plugin, false, false news, families online, family, family identity safety, family online safety, family online safety tips, family protection, Family Safety, Farmville, Fast Start SMB Training, FBI, FBI warning, FDCC, features, Federal Cybersecurity, Federal ID, Festi, fictitious identity theft, FIFA, file scanning, file sharing, filtering products, financal, Finance, Financial Fraud, financial industry, financial institutions, Financial Market Security, financial organizations, financial records, financial scams, Financial Security, Financial Services, financial software, Firefox, Firesheep, firewall, FISMA, FitBit, Fixed Function Devices, Flame, Flamer, Flash, flashback, Flash Player, Focus, Focus11, FOCUS12, FOCUS 2011, forensic, forrester, forwards, foul language, Foundstone, Fourth Quarter 2012, France, France Law, Français, fraud, fraud resolution, fraud resolution agent assistance, fraudulent, fraudulent credit card or bank charges, free, Free gift card scam, Free giveaway scam, freely downloadable morphing tool, free money scam, free money scams, free offers, free WiFi spots, french, French Law, Friday Security Highlights, friends, FTC, functions calls, fuzz, fuzzing, G-J Schenk, Galaxy SIII, gambling, game of thrones, games, gaming, gaming consoles, Garter, Gartner, Gartner Security and Risk Management Summit, Gauss, Gavin Struthers, Gaza, geolocation, George Kurtz, George W Bush, geotag, geotagging, Gert-Jan Schenk, GFIRST, GhostShell, gift cards and iPad promotions online, gift online shopping, gifts, gift scams, girlfriend, Giveaway, global channel partner, Global Cybersecurity, global education program, Global Payments, Global Risk 2012 report, Global SecurityAlliance Partner Summit, Global Threat Intellgence, global threat intelligence, Global unprotected rates, gmail, gold software support, good parenting, google, Google booth, google code, Google Glass, Google Play, government, government networks, governments, Gozi, GPS, grads, graduation, graphs, gratis, Great Place to Work; Best Workplaces Ireland 2013, GSM, GTI, Guardian Analytics, hack, hacked mobile phones, Hacked Sites, hacker, Hackers, hackers steal credit card numbers and sensitive personal data, hacking, Hacking Exposed, Hackitivism, Hacktivism, hacktivists, Hacktivity, halloween, Happy Families, harassment, Harbowl, hard token, Hashtag, HASHTAG as a name, HB1140, head in the sand, Healthcare, Healthcare Security, Healthy Harold, Heat Map, heidi klum, Here you have worm, Heuristics, Hi5, highroller, HIMSS12, HIPAA, hips, Hispanic, HITECH, hoax, hoax - slayer, holiday, holiday gifts, holiday malware, Holidays, holiday scams, holiday screensavers, holiday shopping, holiday shopping fraud, holiday shopping scams, holiday snaps, holiday websites, home network issues, homework, host intrusion prevention, Host IPS, household devices, How Secure Is My Password?, how to check computer, how to keep teens safe online, how to protect, how to protect devices, how to search online, how to secure wireless connection, how to set up wi fi, how to talk to kids, how to talk to teens, HTML5, HTPPS, https, HV, Hybrid Vehicle, IaaS, IBISWorld, iCloud, ICS, IDA, IDC, idenitty theft, identify potential cyber-threats, identify spam, Identity, identity as a service, Identity CoE, identity exposure, identity fraud, identity fraud scams, Identity Management, identity protection, identity protection $1 million guarantee, identity protection alerts, identity protection fraud, identity protection surveillance, identity surveillance, identity theft, identity theft. app privacy, identity theft celebrities, identity theft expert, identity theft fraud, identity theft McAfee, identity theft protection, identity theft protection identity protection fraud, identity theft protection product, identity theft resolution, identity theft ring, identity theft risk, identity theft scams, identity theft tax scams, Identity thieves and cybercriminals, identity threat protection, IDF, IDF 2011, IDF 2012, IDK, IDS, ID theft, IE 10, iframe, IIM Bengaluru suicide case, illegal immigrants, image.exe, Image stealing, image stealing trojan, images uploaded to FTP, image theft, impersonation, in.cgi, Incident Response, Incumbency Advantage Program, indentity, India, India cybermum, Indian Celebrity video, Indian kids, Indonesia, industrial control systems, infected mobile apps, infographic, information, information collected by advertisers or social media marketing, information growth, Information leak, Information Protection, Information Security, Information Warfare, Infosec, Infrastructure, Initiative to Fight Cybercrime, in love, in lurve, innovation, innovative, insiders, Insider Threats, Instagram, integration, Integrity, Integrity Control, intel, Intel Cloud SSO, Intel Developer Forum, intellectual property, Intelligent Systems Framework, internet, Internet access, Internet Access cut off, internet addiction, internet connected devices, internet enable devices, Internet evolution, Internet Explorer, Internet Explorer 10, Internet filtering, internet identity trading surveillance, Internet monitoring, Internet of Everything, Internet of Things, Internet Phishing Scams, internet privacy, Internet Safety, internet safety list for 2013, Internet Safety News, internet safety software, internet safety tips, Internet scams, internet security, internet security tips, Internet settings, Internet slang, internet time limits, Internet voting, Interop, in the cloud, introduction to social networking, IntruShield, intrusion detection, intrusion prevention, Intrusion prevention systems, intuitive, In vehicle Infotainment, investment scams, IoE, iOS, iOS 6.1, IoT, IP, iPad, iPad scams, iphone, Iphone 5, iphone security, IPS, IPv6, IQ, Iran, IRC bot, IRCBOT for android, IRCE 2012, Ireland, Irish Examiner, Irish Prime Minister, IronPort, IRS, IRS scams, I Series, ISF, ISP, Israel, Israeli Defense Force, IT, IT as a Service, IT market, itouch, IT Security, IT Security market, iWatch, Japan, japan earthquake malware, japan earthquake safe donation, japan earthquake scams, japan tsunami scams, jar, java, Java exploit, Java Runtime Environment, JavaScript, Java update, Java virus, Java Vulnerability, jelly bean, jihad, job applications, Joe Sexton, John Bernard Campbell, JPEG, JPEG Commands, jpg, Julia Gillard, julian Assange, July 9, Justin Coulson, KakaoTalk, kama sutra koobface, KaoSpy, Kathleen Morris, Katrina Kaif, keep family PC safe, keeping kids safe online, keep mobile smartphone safe, Kelihos, kernel, Kernel 0day vulnerability, kernel mode, keycatchers, keyless, keyloggers, key logging, kids, kids on internet, kids on iPhone, kids online, kids online behavior, Kids online behaviour, kids online safety, kids on twitter, kids safety, king county, knowledge assets, KnowledgeBase, koobface, Korea, Kraken, kurtz, labs, language translation, laptops, Larry Ponemon, LART, Last Resort, Late Payment Scam, law, law enforcement, LCEN, leaked passwords, leaked personal information, legal, legal identifier, legal risk, Legos, Leopold Primary School, Lethic, Life Education, LilyJade, linkedin, links, Linux, Linux/Exploit:Looter Analysis, Linux and Windows, Little Red Box, live-tweeting, live access to fraud resolution agents, Living Social, lizamoon, Lloyds, loader, location data, Location services, locked-, Lockheed Martin, locks, logging out of accounts, loggins, login details, LOIC, LOL, London, loneliness, Looter Analysis, Lori Drew, loss of gadgets, lost, lost computer, lost or stolen driver’s license credit cards debit card store cards, lost or stolen Social Security card or Social Security number, lost or stolen wallet, lost PC, lost wallet protection, lottery, love, Love Relationships and Technology, luckysploit, LulzSec, M&A, M2M, Maazben, mac, mac/OSX, Mac antivirus, mac malware, Mac malware and threats, Mac OS X, Mac OSX, Mac passwords, Mac security, mac threat, Magento, Magic Quadrant, mailbox raiding, Mail fraud, mail order bride spam, make passwords secure\, Malaysia, maleware, Mali, Malicious Android Application, malicious apps, malicious code, malicious files, malicious program, Malicious QR Code, malicious sites, malicious software, malicious website, malicious websites, malware, malware analysis, Malware Experience, malware forums, malware protection, Malware research, malware samples, malware spread through chat link, malware statistics, malware stealing credentials, malware threats, malware using skype as spreading vector, malweb, managed security services, Managed Service Provider, Managed Services, Management, managing personal affairs online, Mandatory Security Hotfix, map, mapping the mal web, maps, Marc Olesen, Mariposa, mass mailing worm, mass sql injection, master boot record, mastercard, Maturity Model, MBeanInstantiator vulnerability, MBR, mcaf.ee, McAfee, Mcafee's Who Broke the Internet, McAfee-Synovate study, McAfee Advice Center, mcafee all access, McAfee and Verizon keeping customers safe, McAfee AntiSpyware, McAfee Antivirus Plus, McAfee Application Control, McAfee Asset Manager, McAfee Channel, McAfee Channel, mcafee channel chief, McAfeeChannelChief, McAfee Channel Partner, McAfee Cloud Security Platform, McAfee Consumer Threat Alert, McAfee Data Loss Prevention, McAfee Deep Command, McAfee Deep Defender, McAfee Digital Divide study, Mcafee DLP, McAfee Email Gateway, McAfee Email Gateway 7.0, McAfee Email Protection Suite, McAfee Email Security, McAfee EMM, McAfee Employees, McAfee Endpoint Encryption, McAfee Enterprise Mobility Management, McAfee Enterprise Mobility Manager, McAfee Enterprise Security Manager, McAfee ePO, McAfee ePolicy Orchestrator, McAfee Exploring Digital Divide Study, McAfee Facebook page, McAfee Family Protection, McAfee Family Protection for Android, McAfee Firewall Enterprise, McAfee FOCUS, McAfee FOCUS 2011, McAfee free tool, McAfee Global Unprotected Rates Study, McAfee Identity Protection, mcafee identity theft protection, McAfee Initiative to Fight Cybercrime, McAfee Internet Security, McAfee Internet Security for Mac, mcafee internet security for mac; mcafee family protection for mac, McAfee Labs, McAfee Labs Q3 Threat Report, McAfee Labs Report, McAfee Labs Threats Report, McAfee LiveSafe, McAfee managed Service Provider Program, mcafee mobile, McAfee Mobile Security, McAfee MobileSecurity, McAfee MOVE, McAfee MOVE AV, McAfee Network Intrusion Prevention Systems, McAfee Network Security, Mcafee Network Security Manager, McAfee Network Security Platform, McAfee NSP, McAfee One Time Password, McAfee Partner, McAfee Partner Connected, McAfee Partner Learning Center, McAfee Partner Locator, McAfee Partner of the Year Award, McAfee Partner Portal, McAfee Partner Program, McAfee Partner Summit, McAfee Partner Summit 2012, McAfee Policy Auditor, McAfee Profitability Stack, McAfee Q2 Threat report, McAfee Q3 Threat Report, McAfee Q4 2011 Threat report, McAfee Rebates, McAfee research, McAfee Rewards, McAfee Risk Advisor, McAfee Safe Eyes, McAfee Safe Eyes Mobile, McAfee SafeKey, McAfee SafeKey Password Manager, McAfee Scan and Repair, McAfee SECURE, McAfeeSECURE, mcafee secure shopping, McAfee Security, McAfee SecurityAlliance, McAfee Security Journal, McAfee Security Management, McAfee security products, McAfee Security Scanner, McAfee security software, McAfee security software offer, McAfee Security Webinars, McAfee SiteAdvisor, McAfee Site advisor, McAfee Social Protection, McAfee Software, mcafee spamcapella, McAfee Stack Challenge, McAfee survey, McAfee TechMaster services, McAfee Technology Centre, McAfee Threat Predictions, mcafee threat report, McAfee Threats Report, McAfee Total Access for Endpoint, McAfee Total Access for Servers, mcafee total protection, McAfee Vulnerability Manager, McAfee Vulnerability Manager for Databases, mcafee wavesecure, McAfee Web Gateway, McAfee® Internet Security Suite, McCain, mCommerce, MDM, media, medical device security, medical identify theft, Medical identity theft, medical records, Medicare, memory, Menaces, Metro, Mexico, michael jackson, Microsoft, Microsoft Security Bulletin, Microsoft SQL Server database, Microsoft XML Core Services, Mid-Market, Middle East, Mike Decesare, Mike Fey, Millennium@EDU, MMORPG, MMS, MMS 3.0, Mobile, mobile antivirus, mobile app, mobile applications, mobile apps, mobile banking, mobile carriers, Mobile Commerce, mobile computing, mobile data communications, Mobile Data Protection, mobile data protocols, mobile device, Mobile Device Management, mobile devices, mobile devices and security threats, mobile device security, mobile devices issues, mobile exploit, mobile identity security, mobile malware, mobile myths, mobile passwords, mobile payments, mobile phones, mobile phone spyware, mobile PIN, mobile platform, mobile privacy, mobile protection, mobile safety, mobile safety tips, mobile scam, mobile security, mobile security app, Mobile Security Premium Protection, mobile security software, mobile shopping, mobile shopping threats, mobile smartphone security, mobile software platforms, mobile spam, mobiles security, mobile threats, mobile trends, mobile Wi-Fi, mobile wireless internet security concerns, Mobile World Congress, moghava.a, Moira, Moira Cronin, mom, money laundering, money orders, monitor a child’s identity, monitor credit and personal information, monitoring, Monkif, Mornings, Morphing, Moshi Monsters, most dangerous celebrities, most risky, Mother's day, mothering, mothering advice, mothering boys, mothering Internet safety, mother of boys, Mother’s day spam, movies, MS12-020, M Series, msn spaces, MSP, msvcr71.dll, multifactor authentication, multilayer security system, Multiplatform FakeAV, multiple devices, multiple social security numbers, MultiRogue, multitenancy, mum, Mummy blogger, MWC, mwc13, myAut2Exe, Mybios, my child is a bully, myspace, MySQL, mystery shoppers, mythbusters, NACACS, Narilam, national cybersecurity awareness month, National Cyber Security Awareness Week, national identification card, NATO, NBC News, NCCDC, NCSA, ndr, near field communication, negative online experiences, Netbook, netbooks, netiquette, Netmum, nettraveler, network, Network Access, Network Behavior Analysis, Network Evasions, Network IPS, Network Perimeter Security, Network Security, Network Security; Email & Web Security; Security-as-a-Service, Network Security Manager, Network Security Platform, network security server security, network threat behavior analysis, New age names, New online safety survey, news, News Feed, New teen survey, New Year, new year resolution, new year resolutions, New Year’s resolutions, New York Times, next-gen IPS, Next Generation, next generation data center, Next Generation IPS, NFC, NGFW, NGIPS, ngrbot, NickiSpy, Nigerian 419 Scam, nigerian scam, Night Dragon, NIST, Nitol, NitroSecurity, Nitro Security, NitroView, Niwa, NMU, Nobel Prize, north america, Northern Beacher Christian School, North Korea, NotCompatible, NSP, NSP 7.5, NSS Labs, NTBA, Nuclear Exploit-Kit, Nuquel, NY Times, Oak Ridge National Laboratory, obama, Obfuscation, Occupy Wall Street, OCTO, OHR, Oil & Gas, OLE, olympics, Olympic scams, OMB, one-click fraud, one-time password, OnePoll, online, Online Ads, Online Backup, online banking, online banking safely, Online Behavior, online behaviour, online bettings, online book shopping, online bookstore, online child safety, online coupon scams, online credit fraud, online danger, online dangers, online dating, online e-tailers, online ethics, online fraud, online game, online games, online game spam, online gaming, online gangs, online grocery ordering, online harassment, online holiday shopping, online marketing sites, online marketplace, online payment, online personal data protection, online predators, online reputation, online retail, online safety, online safety for kids, online safety of kids, Online safety of teens, online safety resolutions, online safety tips, Online scammers, online scams, online search, online security, online security education, online shopping, online shopping risks, online shopping scams, online shopping threats, online spam, online stores, online surfing, online survey scam, online threat, onlinethreats, online threats, online video, online voter registration, Open Source, operational risk, Operation Aurora, Operation High Roller, Operation Last Resort, Operation Shady RAT, OpLastResort, Optimized, optimize PC, Orange, organized crime, organized criminals, OS, OS/X, oscars, OTP, outages, outlook, over-achieving children, oversharing, OWASP, P2P, packed, packers, packing, PACT, PARC, parental advice, Parental control, parental controls, parental permission, parenting, parents, partner, Partner Acceleration Resource Center, Partner Care, Partner Connected, Partner Learning Connection, Partner Portal, partners, Partner Summit, PartnerTalk newsletter, passport, passports, passware, password, password complexity check, Password Day, password management, password manager, passwords, password security, password stealer, Pastebin, pat calhoun, patch, PatchGuard, Patch Tuesday, Patmos, Paul Otellini, PAW, pay-as-you-go, pay-per-install malware, paycash, Payload, payment, paypal, pay securely, PC, PC Addiction, PCI, PCI Compliance, PCI DSS, PC passwords, pc protection, PCRat, PCs, pc security, PC setup, PDF, pedro bueno, peer-to-peer file sharing networks, peer to peer, Peer to Peer file sharing, Pemberton, People, perception, personal data, personal identity fraud, personal identity theft, personal identity theft fraud, personal information, personal information loss, personal information over mobile phones, personal information protection, Personal information security, personal privacy, personal protection, personal tablet, Peru, peter king, pets, pet scams, pet shops, Phantom websites, PHI, phishing, phishing kits, phishing scams, phishing shareware, photo privacy, photo protection, photos, Photo sharing, pic.exe, pickpockets, pic sharing, piers morgan, PII, PIN, pins, Pin scams, Pinterest, pinterest scam, piracy, PixSteal Trojan, Playstation, Podcast, Poetry Group, Poland, Police, policies, Ponemon Institute, Ponzi scam, POP, Pop Tropica, pop ups, pornography, POS, POS systems, Postcode Lottery, posting inappropriate content, posting videos online, posts, PostScript, potential employers, Potentially unwanted program, POTS, power grid, power loss, Pre-detection, Pre-Installed Malware, pre-teens on FB, predictions, Premium SMS Trojan, presidential election, president obama, Primary School students, Prinimalka, Printers, privacy, Privacy Awareness Week, privacy law, privacy setting, privacy settings, Privacy settings on Google +, private data, Proactive Corporation, proactive identity protection, proactive identity surveillance, proactive security, Products, Profitability Calculator, Profitability Stack, profits, Project Blitzkrieg, promotion, protect, Protect all devices, protect devices, protect digital assets, protecting kids online, protecting photos, protecting teens, protection, protect kids online, protect teens, provide live access to fraud resolution agents, Public-Private partnerships, public policy, Public Sector, puget sound, Pune Police, pup, puppy love, puppy scams, Pushbot, PWN2OWN, pws, Q1 Threats Report, Q2 Threats Report, Q3 Threats Report, Q4, qr code, QRCode, QR codes, Quarterly Global Channels Webcast, quarterly threat report, Quervar, R&D, raj samani, Ramnit, Ransom-AAY.gen.b, ransomeware, Ransomware, rançonnage, raonsomware, Rapport, RAR, RAT, Ravens, RC4 algorithm, RC4 encryption, rdp, Real-Time for ePO, realtec, Real Time ePO, Realtime ePO, Rebecca Black, Recent Facebook Scam, Recent Facebook threat, Records phone conversations, recover files, recurring revenue, Red Exploit-Kit, redirect, Red Kit, Red October, Red Team, reference architecture, regulation, regulations, reinfect mbr, relationships, remote evoting, Renee James, replacing your smartphone, reporting, reputational risk, Rep Weiner, research, reseller, resolutions, responsibility, responsible mail, Responsible netizens, restorative justice, restore credit and personal identity, retail, retail security, return-oriented programming, reverse engineering, RFID, riches, ring tones, risk, Risk Advisor, risk and, Risk and Compliance, Risk Management, risk of personal information loss, risks of online shopping, risky, risky app, risky celebrity searches, risky celebrity to search, risqué photos, Riverbed, Robert Siciliano, roberts siciliano, ROFL, rogue anti-virus software, rogue antivirus, rogue applications, Rogue Certificates, rogue security software, ROI, role playing games for kids, romance scams, Rookits, root exploit, Rooting Exploit, rootkit, RootkitRemover, Rootkits, ROP, RPM Italian, RSA, RSA 2012, RSAC, RTF, ruins, rules/guidelines for kids' cyber safety, Russia, s, SaaS, SaaS Monthly Specialization, SaaS security solutions, safe, safe email tips, Safe Eyes, safeguard, SafeKey, safe online shopping, safe password tips, Safe search, safe searching, safe search tips, safe shopping, safe shopping tips, Safe surf, safe surfing, safe transactions, safety, safety tips, SAIC, sales conversions, Salesforce.com, Samsung, Samsung Galaxy SIII, sandbox, San Jose, Santa, Saudi Arabia, Saviynt Access Manager, SCADA, scam, scammers, scams, Scam Video, SCAMwatch, SCAP, scareware, scarface, SchmooCon, school captain, school holidays, schools, SC Magazine, screensavers, sear, search, Search engine optimization, Search engine poisoning, SEC Guidance, secrecy, Secret Life of Teens, Secret Life of Teens research, Secret Lives of Teens, SecTor, Secure Boot, secure cloud computing, Secure Computing, secure container, secure data, secure devices, Secure Electronic Registration and Voting Experiment, Secure Email Gateway, secure mobile devices, secure new devices, secure passwords, secure smartphone, secure wi fi, Securing new devices, security, Security-as-a-Service, Security 101, Security and Defense Agenda, security attacks, SecurityAwareness, security awareness, Security best practice, security branding, security breach, security breaches, security conferences, Security Connected, Security Connected Reference Architecture, Security Education, Security Influence, security information and event management, Security Innovation Alliance, security landscape, security management, security metrics, security optimization, security partner, security policy, security policy enforcement, security protocols, security research, Security Seals, security software, Security Summit, security threats, security trends, self-defence, selling like, sensitive data, sensitive documents, sensitive information, Sentrigo acquisition, SEO, seo abuse, SEPA, SERVE, server, services, settings, sexting, Shady RAT, SharePoint, sharing photos, sharing pictures, shellcode, Shop.org, shopping scams, shortened URLs, short url, shoulder surfing, SIA, SIA Partners, SIEM, signature-based detection, signed drivers, Silent Circle, Silent Text, simple safety tips, SiteAdvisor, site advisor, siteadvisor research, Sitting On Top Of The World, Situational Awareness, Skype, skype.exe, Skype malware, SkyWiper, Skywyper, SlowLoris, Small busines, Small Business, Smart Grid, smart phone, smartphone, smartphones, smartphone safety, smartphone secuity, smartphone security, smart phone threats, SmartScreen, SMB, SMB Advisor Tool, SMB Deal Registration, SMB Extravaganza, SMBs, SMB security, SMB Specialization, smishing, sms, SMS Lingo, sniffing tools, SNS Addiction, social business, social comparison, social connections, social engineering, Social Engineering tricks by malware, social media, social media cleanup, social media in the classroom, social media online scams, social media passwords, social media scams, social media threats, social network, social networking, social networking best practices, social networking scams, social networking sites, social networking sites security, social networks, social responsibility, Social Security, Social Security Card, social security number, Social Security number fraud, social security number theft, Social Security number thefts, social skills, Sofia Vergara, soft token, software, Software-as-a-Service, software installation, solid state drive, SoLoMo, Solution, Sony, Sophos, South Africa, South Korea, spam, Spamhaus, spam mail, Spams, spear, Spearphishing, Spellstar, spoof, sport, SpyEye, Spyware, sql attacks, SQL Injection, SSN fraud, Ssucl, st. patricks day, Stack Challenge, stack pivoting, stamper.a, State of Security, stay protected online, stay safe from phishing, stay safe online, stay safe tips, Stealth, stealth attack, stealth crimeware, stealth detection, stealthy attack, steganography, Stephen Conroy, Steve Jobs, Stinger, stolen cards, stolen computer, stolen email addresses, stolen mail, stolen medical card, stolen passwords, stolen PC, stolen Social Security number thefts, Stonesoft, Stop.Think.Connect, storage, stored, strong password, student loan applications, Stuxnet, subscription, substation, Suites, summer activities, summer games, Summer holidays, Summer Olympics, summer vacation, Superbowl, Support, Support Notification Service, support services, surfing, survey, survive reboot, suspicious, suspicious messages, suspicious URLs, Swartz, swine flu, Symbian, symbols, Sype, System Progressive Protection, sécurité informatique, T-Mobile, tablet computers, tablets, tablet security, tag, TAGITM, Tags: Cybermum, targeted attack, targeted attacks, taxes, tax filing tips, taxpayer warning, Tax Preparer Scams, tax returns, tax scams, tax season reminder, TCO, teacher abuse over the internet, Teaming Plan, Tech Data, tech gifts, technical support, technology, technology development, technology trends, Tech Savvy Teenagers, tech services, tech support, TED, teenage, teen behavior, teen hate video, teen love, Teen Online Research, teens, teens and porn, teens online, teens online dating, teens online safety, Teens on social networking sites, teens posting video, Telecommunications, terrorism, Testing, Tetris, Texas fertilizer plant explosion, text message, text messaging, Thailand, The Age of Cyber Warfare, The Bullied and The Bystander, The Bully, The Economist, the European Network and Information Security Agency, The Profitability Stack, The Secret Life of Teens, The Stack, The Tallinn Manual on the International Law Applicable to Cyber Warfare, The Use of the Internet for Terrorist Purposes, The VARGuy, threat, threat intelligence, threat predictions, threat reduction, threat report, Threats, threats on women's day, Threats Predictictions, thumb drive, thurber, Tiered Pricing, Tiger mother, Tips, tips and tricks, Tips for a secured password, Tips for Consumers, tips to mobile security, tips to stay safe online, TITUS, TJX, TMI, Todd Gebhart, toolkit scam, tools, toothbrushes, Top 25 Companies to Partner With, Total Access, Total Access for Business, Total Access for Business Promotion, Total Protection for Enterprise, Total Protrection 2012, TPM, tracking usage, traffic manager, transfer data, translator, travel, travel related online scams, travel risk, travel scams, travel security, Travnet, trending topics, trends, Trevi, trojan, trojan banker, trojans, troubleshoot PC, Trust and Safety, Trusted Computing Module, trustedsource, trusted websites and web merchants, Trusteer, trustmark, Trustmark Security, TSA, TSB and STP, Tulane, Tumblr, Turkey, tweens, Tweens Teens and Technology, tweet, Tweets, twitter, Twitter celebrities, Twitter chat, Twitter online security, Twitter Spam, twitter spam; phishing; twitter scam, two-factor authentication, type in website address incorrectly, types of phishing, typing in incorrect URLs, typos, typosquatting, U.S. Cyber Challenge Camps, U.S. Economy, UAE, ukash, Ultrabook, Ultrabooks, Ultrabook security, unauthorized credit card transactions, Underground Economies, uninitialized local variable, unique password, United Arab Emirates, Unix, unlimited technical support, unpacking, unprotected PCs, unprotected rate research, unsecured computers, unsecured internet risk, unsecured unprotected wireless, unsecured unprotected wireless security risks, unsecured wireless, Unsecure websites, unsubscribe, untag, update computer, UPS scam, UPS scams, UPX, urchin.js, URL hijacking, URL shortening services, USB drives, use after free, use of cookies advertising personal security, use of Social Security number (SSN) as national ID, user identification, user mode, US ESTA Fee Scam, US passport, USSC, USSD, US Visa Waiver Program scam, UTF-8, UTM, vacations, Valentine's Day, valentine scams, valentines day scams; romance scams; email spam, valentines day scams; romance scams; valentine threats, ValidEdge, ValidEdge sandboxing, value-add, Vanity Fair, VB6, vbs, Vericept DLP, verify website's legitimacy, Verizon DBIR, Verizon Mobile Security with Total Equipment Protection, ViaForensics, video game, Video of Nayanthara and Simbu, video shot of infosys girl, vinoo thomas, violent video games, virtual arguments, Virtualization, VIrtual Machines, Virtual Sales Kickoff 2012, Virtual Sales Kickoff 2013, virus, Viruses, Virus protection, virusscan, VirusScan Enterprise with ePO 8.8, VirusTotal, visa, vista, Vista Defender 2013, Visual Basic 6, VMworld 2011, Vontu DLP, VorVzakone, voter registration, voting, vPro, vSkimmer, vulnerabilities, vulnerability, vulnerability management, Vulnerability Manager, vulnerability manager for databases, W32/XDocCrypt.a, waledac, Wall Street Journal, Walmart, WAN, water facility, water pumps hacked, water treatment facilities hacked, wave secure, wearables, web, Web 2.0, Webcast, web filtering, web gateway, Webinar, web mobs, web protection, web searches, web security, Websense DSS, Web services, web sites, website security, web threats, welfare fraud, wells fargo, Westfield, Westinghouse, what to do if your child is a bully, what to do when your wallet is lost missing or stolen, white hat hackers, whitelist, Whitelisting, Wi-Fi WEP WAP protection breach, wifi, Wii, wikileaks, Win7 Defender 2013, Win 8, window, windows, Windows 7, Windows 8, Windows 8 Metro, Windows Credential, Windows Defender, windows malware, Windows Mobile, Windows Runtime, Windows Server 2012, Windows Store, Wind River, WinRT, winsh, wiring money, Women’s Day, word cloud, work with victim restore identity, World Cup, world of warcraft, worm, Worm/Autorun, worm:Win32/Nuquel, Worms, wrong transaction scam emails, www.counteridentitytheft.com, Xbox, XDA-Developers, XDocCrypt, Xerox, XFA, xirtem, xmas, XPDefender 2013, xss, XtremeRAT, Yahoo!, Yahoo password hacked, yousendit, youth, You Tube, youtube, You Tube Channel, Youtube Scam, you tube videos, Zbot, Zero-Day, Zero-Day Attack, ZeroAccess, zero padding, zeus, ZIP, zombie, zombie computers, zombies, • Facebook etiquette, • Most dangerous celebrity, • Parental control
Corporate : Corporate Responsibility :

Is information security compliance really a cost center?

Wednesday, February 4, 2009 at 7:22pm by
Archive

No. Absolutely and unequivocally not. I am drawing the line in the sand. Business leaders need to understand there is no more need for proper security to justify itself over and over again. It saves you time and money (period).

Properly implemented information security provides business process improvement, technology improvement and threat reduction. Compliance controls that cover each of these areas to accepted “best practices” will save your organization money by the truckload and provide for expansion of your business tenfold if not more.

Far too often businesses require “measurable” savings when the cost reductions and business enablement is as obvious as a freight train hitting you while you are siting on the tracks. Below I will detail a simple walk-through of a compliance driven organization versus a non-compliant organization which makes it obvious that it is better and more efficient to be compliant as a business.

A compliance driven company GAINS these:

Business process improvements

  • Security streamlines and clearly defines roles and responsibilities making information flow more quickly through an organization
  • Security separates duties so decisions that occur are more accurate and accountable
  • Security provides checks and balances reduce internal risks thus saving costs
  • Security reduces business impacts of change
  • Security background checks eliminate the need to wade through candidates that cannot be trusted for sensitive positions saving on hiring costs.
  • … and much more

Technical Improvements

  • Firewalls clearly reduce un-needed load on the network saving bandwidth costs
  • Anti-Virus software has clear cut costs (that happen to be measurable) in saving response times from IT helpdesk personnel
  • Anti-Malware saves individuals and companies by reducing the threat of identity theft and having to disclose a breach
  • Data Loss Prevention software clearly enhances control of data for eDiscovery legal processes, managing information and backup/recovery of that data into single repositories not to mention enforcement of where that data goes (saving intellectual property)
  • Encryption clearly reduces costs by enabling collaboration with third parties (in fact it enables all businesses on the internet to do payment processing) something we sometimes forget.
  • Virtual Private Networks (VPN) enable remote access which means workers can work after hours or remotely while traveling (FOR FREE!)
  • Banks offer employees online access directly from work (the old days you had to leave work to go to the bank)
  • Risk & compliance means that systems are patched and maintained all in a similar fashion with similar configurations which leads to huge troubleshooting time saved since systems are less customized individually.
  • Customers are now able to interact with companies quicker and more efficiently than ever when these security controls have been put in place.
  • …and much more

Threat Reduction

  • Lower reporting costs for disclosure laws
  • No bad PR to respond to
  • Lower liability to your customers
  • Less outbreaks of worms/viruses (less system damage repair/replace)
  • … and much more!

A non-compliant company GAINS: NONE OF THE ABOVE

So for the finance geeks out there, yes I know you want metrics and pretty charts to make management feel good but a good business leader needs no justification to do to the right thing. Its just clear that a compliance driven company which employs security technologies properly is a much more lucrative business model than to ignore the problem (PROBLEM SOLVED).

Any questions?

Tags: , , , ,

Submit your own comments / message for this post

Your email is never published nor shared. Required fields are marked *

 

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Comments (6)

  • Andre' Williams April 13, 2009 6:55PM

    Would you buy a car, pickup truck or BMW without seat belts, Air bags, or windshields…Things to secure your investment. A cost derivative for securiing IT applications can be determined based on the type of security required/capability by the IT organization. Example:(I wouldn’t use pinto seat belts for my 745i BMW.) All IT components, systems, security, Storage, Networking, tools can be calculated as a derivative of IT investments for revenue applications. The trick is how and does it make since….?

    Some people make lots of money showing IT organization how to determine budgets based on Risk, AND business impacts. Risk alone is not enough. Quantifying the business impact in terms of dollars is the key.

    No tool can do this because have the battle is political, Belief, Facts, and Good technical analysis.

    Most technical staff mis the Political, and belief methods/tools and CFO’s laugh without the business objects and company vision linked to the technology risk…..Example.

    A previous client had a customer billing application generating $260 million per month. They were losing $14 Million per quarter because Security and performance caused a minor problem which tracked back to the business application not processing $14 million per month of new customer data appropriately.

    When IT asked for 7 Million to fix this problem the CFO laughed, Out loud. IT budget at that time was 4 Million per year. Once we explained that he was already loosing $ 14 Million dollars per month in unprocessd bills from new customers, he gladly wrote a $7 million dollar check to fix the problem. Being able to explian the Highlevel and the low level analysis to C-Level is Key in Showing how secuirty/IT components/ are cost centers, more correctly Cost derivatives.

    Peace Andre’
    AT: CIAProfessional@msn.com

    Reply
  • james March 14, 2009 5:11PM

    Enabler… yes… I do feel enabled… ;-)

    When I purchase AV or another security product for the business systems it does not become my personal play-toy. This purchase was made to protect the company as a whole.

    We need to change the way that products and services are delivered to non IT/InfoSec departments. Show where the costs truly come from and how they benefit the enterprise.

    Reply
  • Augusto Paes de Barros February 6, 2009 6:42PM

    Lawrence,

    thanks for your comment on my post about your post. Actually, I can see that we are more aligned in thought than it really appears. You used a very interesting word in your reply, “enabler”. I thought I originally did that on my post, but I wrote it in a different way. Saying that things are costs doesn’t mean that they are not good or should be discarded. Also, if you need to spend something you will want to do that in the most “bang for the buck” way, that’s what happens with security, if cannot avoid having it, do it in a way that you’ll have a small impact to the business, small cost and reduce risk as much as possible. I’ll write a more elaborate response for your comment in my blog, but it’s certainly a very nice debate :-)

    Reply
  • Lawrence Pingree February 6, 2009 6:02AM

    I concede that yes, it is considered a cost center. But yes, security technologies enable every revenue generating activity that exists today, from payment processing through to employee productivity. The point to my article was to have people consider realistically that rather than simply look at numbers. Look closely at the enabling technologies that exist because security technologies make them possible. The response I’m sure is that some of these things can be done without security, and I believe that many of them cannot and were not possible without security existing. Mutually inclusive like shoes are to a runner, sure they are a cost to the runner, but without them there is no winning the race. I’ve been around the block in security and my intention was to try and push this debate to the floor. How does one determine a cost to a revenue generating activity, the lines can be easily blurred here depending on how one looks at it and the business you are in. Can internet commerce be performed without security? I don’t believe so, and time and time again I am proven right by the data breaches that occur due to those security mechanisms being too lax or not properly implemented.

    No blank checks, but think carefully and sell your security technologies to management based not only on FUD but the enabling technologies security provides.

    In response to Mike Rothman’s blog post on securityincite.com:

    1. I don’t do drugs or even drink for that matter :)
    2. Separation of duties have existed long before SOX and were derived from DOD security measures and practices (think nukes man). I realize this is a new concept in many corporations and SOX has certainly created necessities for it these days.
    3. When speaking of a Compliance Driven Company I’m thinking not just thinking SOX and PCI but best practices as well as the plethora of other compliance mandates. What about internally defined security policies and compliance to them?(I should have been more specific I guess).
    3. On your Anti-Malware comment – If you wish to have no Anti-Malware, you are welcome to do so, but for me…. I’ll be installing it because I know it will prevent many of the threats. I’m a security guy, and I get that security will never be perfect but it is always better to have a door lock than to leave the door wide open.
    4. As far as separations of duties costing more, not necessarily, most companies utilize existing parties to require collusion and so it really costs very little and yes, work has always shown to improve through peer review. This is why all scientific papers are peer reviewed, they become more accurate through that process.
    5. I don’t feel you should ever give up selling the value of security as a revenue generator so don’t just turn to FUD. My advice to to look for those synergies where security will enable new company offerings and empower your company to become more profitable by utilizing security in that way.

    Closing thoughts, I love a healthy debate as it leads us through to progress.

    Reply
  • Bryan Greenberg February 4, 2009 10:25PM

    So you want me to ask for a blank check? Let’s assume for a minute the CFO doesn’t laugh me out of his office. Let’s even assume he gives me that check. Do I make it out to McAfee? Why should security be any less accountable than any other business unit? Does McAfee product marketing not create a business case for new products? The elitist attitude you recommend does nothing to improve the reputation of security organizations in the boardroom. Implementing the technology of the day does nothing to reduce risk or increase compliance. These can only be gained through proper policy and process, supported by the appropriate use of technology and measured for continuing improvement.

    Reply
  • Christofer Hoff February 4, 2009 10:06PM

    All very interesting points.

    I do have two questions regarding the relation between the title “Is information security compliance really a cost center?” and all the chewy goodness you espouse all this technology and the resulting compliance brings:

    1) If security compliance isn’t a cost center, are you then suggesting it’s a profit generator? So on the balance sheet it shows up as a revenue generator or profit center?

    2) Assuming I deploy all this wonderful technology above — no doubt from McAfee — is it fair then to say that it’s free?

    Thanks for your time and consideration in answering my questions.

    /Hoff

    Reply