[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] Learn from history?

To: "Full-Disclosure" <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: RE: [Full-Disclosure] Learn from history?
From: "Alerta Redsegura" <alerta@xxxxxxxxxxxxx>
Date: Thu, 6 May 2004 10:08:19 -0500

> My only point is, SMB businesses are not prepared to pay for advanced
> security, which you say I should provide, and to whick I totally agree.
>
> Maybe my boss does not have the right business plan and marketing
> to 'sell'
> security. Probably.

The first thing to determine with the company management is: What happens to
the company if their network is down 1h? 2h? One day? One week?  How much
money does that represent?  If data is lost, how much does it cost to
re-build it (resources, time spent, etc.)?

If you clearly assess the risks and come up with a solution showing an
adequate cost-benefit ratio and you compare it to the possible losses,
chances are that management will approve your proposal, regardless of the
company size (from SMB to Fortune-100).





Iñigo Koch
Red Segura

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- RE: [Full-Disclosure] Learn from history?
  - From: Serge van Ginderachter (svgn)

Prev by Date: Re: [Full-Disclosure] Cygwin Whois.exe version(Stack Overflow)
Next by Date: [Full-Disclosure] I think some one might have screwed-up
Previous by thread: RE: [Full-Disclosure] Learn from history?
Next by thread: RE: [Full-Disclosure] Learn from history?
Index(es):
- Date
- Thread