That was another quote from Mary-Ann from Oracle - that security should act as a business enabler. That's been a common position today - Adam Shostack mentioned it in his presentation as well. Basically, others are coming to the same argument I've been making on here for a couple of months now - security cannot survive as a cost center.
The real goal for Infosec needs to be to show business how we do (at least) one of the following two things:
- Create revenue
- Reduce costs
This can't be through sheer loss-reduction. If it is, the "it'll never happen to me" school of thought will always have a way out of making systems more secure.
Mary-Ann kept using the metaphor of bridge-building. To use similar terms, security can't just keep the bridge from falling down in an earthquake - it has to build a better bridge. If it's just about disaster avoidance and recovery, there's always going to be a reason to spend less money on it in difficult times.