Good start to quantifying data breach costs

Good start to a framework for quantifying databreach hard- and soft-costs over at Securosis. Warrants further inputs from business units to catch any stragglers, but seems viable. Hard to track the costs surrounding loss in equity value… like when do you consider the recovery from the incident as starting and finishing? I wonder what ChoicePoint, TJX or Heartland might say.

~ by stevegoldsby on July 1, 2009.

Posted in Uncategorized

About Steve Goldsby

Steve has nearly two decades of experience in the information technology and security industry as a subject matter expert and consultant to Federal, State and commercial organizations spanning all major verticals. He is a popular featured speaker at national and state conferences as an Information Security subject matter expert. His Information Security articles and papers have been featured in national trade magazines and journals. Steve works for Integrated Computer Solutions Inc.

Twitter

RSS: Symantec HackIsWack site still open to rickrolling: Shared by Steve Symantec HackIsWack site still open to... http://bit.ly/95TxRp.....14 hours ago
RSS: Security Briefing: September 8th: Shared by Steve September 8th Threatpost Back at the helm after a grea... http://bit.ly/c6DdLs.....20 hours ago
RSS: Data Security Compliance Worldwide in a One Picture: Shared by Steve Data security compliance worldwide as... http://bit.ly/8YDH9r.....20 hours ago
RSS: Why I Don’t Like Time & Materials Gigs (T&M).: Shared by Steve Evil of T&M -- I agree to some extent, but ... http://bit.ly/9jA42e.....2 days ago
RSS: A little bit of fuzz: Shared by Steve A little bit of fuzz - good fuzz input files Original by Boon Lee Fa... http://bit.ly/9cyATN.....2 days ago

Steve on Security