ROI MIT SICHERHEIT

Finally, a Real Return on Security Spending

18.02.2002
Von Scott Berinato

The marquee example of that is the Computer SecuritySecurity Institute's (CSI)annual computer crime survey. Each year, CSI and the FBI reportsecurity trends in plain, often stark terms. The 2001 report'scenterfold is a chart called "The Cost of Computer Crime." It saysthat losses from computer crime for a five-year period from 1997 to2001 were an eye-popping $1,004,135,495. Alles zu Security auf CIO.de

There's just one problem with that number. "It's crap," says BruceSchneier, security expert, founder and CTO of security services vendorCounterpane Internet Security in Cupertino, Calif.

"There's absolutely no methodology behind it. The numbers are fuzzy,"agrees Bill Spernow, CISO of the Georgia Student Finance Commission inAtlanta. "If you try to justify your ROSI this way, you'll spend asmuch time just trying to justify these numbers first."

Therein lies the appeal of the current crop of studies. They havescientific method and a foundation of previously establishedresearch.

Zur Startseite