Read an interesting link from the linking integrity blog this morning about a Canadian CEO who has proclaimed that security is about brand protection (which should justify your security spend).
The whole article is here and uses ChoicePoint as the example of why security breaches are about brand protection. The CEO (Mary Kirwin of Headfry) then makes the leap that, if security is about branding, it can't be about technology.
Talk about a muddle.
First, let me say that she's right. Not in the way that she thinks that she is, but she's right: security is not about technology. But it's sure as hell not about branding, either.
Security is about business.
Let me say that again.
Security is about business.
Sure, protecting and enhancing your brand is part of doing business. But it's not the whole thing.
Security processes are designed to add value to your business processes. If they don't, you're wasting your money. The rest of the article succeeds in making that argument - however, all of the quotes are narrowly focused. The other people are talking about metrics - it's all small-picture stuff.
We need to start looking at security as a value-add to the business proposition - not as "technology", or "metrics", and sure as heck not as "brand protection". Sure, it provides all of those things, but security is really about enhancing the way that you do business.