Security Basics mailing list archives
RE: financial loss estimates?
From: "Mikhail A. Utin" <mutin () commonwealthcare org>
Date: Wed, 5 Oct 2011 15:54:57 -0400
My ten cents: do not forget various laws and regulations, from federal like SOX and to Massachusetts 201 CMR 17.00. When it comes to authorities, impact of an audit could vary from almost nothing to very significant. Plus, legal litigations. While TJX or a bank can afford all following and will survive, small fish will die. Mikhail A. Utin, CISSP Information Security Analyst -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Adam Pal Sent: Wednesday, October 05, 2011 3:24 PM To: fire0088 () fmail com Cc: security-basics () securityfocus com Subject: Re: financial loss estimates? Hello Fire0088, Personaly i consider this task being dificult up to impossible. Why? Because companies does not like to list/share such kind of impacts as it would lead to increase the financial damage. I use to consider 2 factors when i talk about impacts you named bellow: - the financial impact of the incident itself (costs for change bank accounts, exchange credit cards, inform employees, etc) - the financial impact caused to the image of the company The first one is calculable while the 2nd one ist not, having a good PR could save you but depending on the propagation it could be critical for your company. -- Best regards, Adam Pal Wednesday, October 5, 2011, 4:05:16 AM, you wrote: <==============Original message text=============== ffc> I'd like some of the findings I've reported to be converted into a ffc> more manager friendly metric (there are three things a manager ffc> focuses on: moving up the corporate ladder, pretty charts and money). ffc> Are there industry standard rates, or case studies on the true cost ffc> to a business for a data breach? ffc> Specifically, i'm looking for the impact from a data breach ffc> involving financial information (bank accounts, loan info, credit ffc> card numbers, ect), social security numbers, and employee IDs. ffc> Thanks ffc> ------------------------------------------------------------------- ffc> ----- Securing Apache Web Server with thawte Digital Certificate In ffc> this guide we examine the importance of Apache-SSL and who needs an ffc> SSL certificate. We look at how SSL works, how it benefits your ffc> company and how your customers can tell if a site is secure. You ffc> will find out how to test, purchase, install and use a thawte ffc> Digital Certificate on your Apache web server. ffc> Throughout, best practices for set-up are highlighted to help you ffc> ensure efficient ongoing management of your encryption keys and digital certificates. ffc> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6 ffc> be442f727d1 ffc> ------------------------------------------------------------------- ffc> ----- <===========End of original message text=========== ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ CONFIDENTIALITY NOTICE: This email communication and any attachments may contain confidential and privileged information for the use of the designated recipients named above. If you are not the intended recipient, you are hereby notified that you have received this communication in error and that any review, disclosure, dissemination, distribution or copying of it or its contents is prohibited. If you have received this communication in error, please reply to the sender immediately or by telephone at (617) 426-0600 and destroy all copies of this communication and any attachments. For further information regarding Commonwealth Care Alliance's privacy policy, please visit our Internet web site at http://www.commonwealthcare.org. ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- financial loss estimates? fire0088 (Oct 05)
- RE: financial loss estimates? Michael_Campeau (Oct 05)
- Re: financial loss estimates? Adam Pal (Oct 05)
- RE: financial loss estimates? Mikhail A. Utin (Oct 05)
- Re: financial loss estimates? Jeffrey Walton (Oct 05)
- RE: financial loss estimates? Mikhail A. Utin (Oct 05)
- Re: financial loss estimates? Michal Zalewski (Oct 05)
- Re: financial loss estimates? Jeffrey Walton (Oct 11)