On Wed, 2002-02-20 at 03:30, Lubomir.Nistor@star-21.de wrote: > well as a consultant I do this aproach: > > identify risk (fx. e-commerce site that brings $10M yearly=>1 day downtime=$300K=>1 hour downtime=$10K) > cover risk by realtime log auditing.. (costs fx $7K daily) > > profit=> risk value*risk probability - countermeasure=$40K monthly > This works for straight commercial front end system, but how to you cost a breakin to HR or other system that isn't critical to your ability to do business. The cost is definitely greater than the time to make good the damage but by how much? How does on cost employees privacy? -- Russell Fulton, Computer and Network Security Officer The University of Auckland, New Zealand --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Tue Feb 19 2002 - 12:43:05 PST