How to justify information security spending
Source: ComputerWorld.com - Posted by Benjamin D. Thomas   
Privacy At a recent seminar on information security management, I heard that FUD (fear, uncertainty and doubt) is dead, that ROI is dead and that the insurance model is dead. Information security needs to give business value. This sounds like a terrific idea, but the lecturer was unable to provide a concrete example similar to purchasing justifications that companies use like: "Yes, we will buy this machine because it makes twice as many diamond rings per hour and we'll be able corner the Valentine's Day market in North America."

The seminar left me with a feeling of frustration of a reality far removed from management theory. Intel co-founder Andy Grove said, "A little fear in an organization is a good thing." So FUD apparently isn't dead.

This article will help guide Computerworld readers from a current state of reaction and acquisition to a target state of business value and justification for information security, providing both food for thought and practical ideas for implementation.

Read this full article at ComputerWorld.com

Only registered users can write comments.
Please login or register.

Powered by AkoComment!