Educause Security Discussion mailing list archives
Re: Breach Impact Calculator
From: Graham Toal <gtoal () UTPA EDU>
Date: Thu, 4 May 2006 13:39:00 -0500
SearchSecurity.com has an interesting privacy impact calculator they posted online. You can punch some numbers in and get an estimate for how much it will cost your organization to recover from a breach: http://tinyurl.com/z67vc
I don't even have to run it to know that it will give a huge number for even the smallest breach. All of these cost calculators (cost of spam, cost of virtualization, etc) err on the high side by a couple of orders of magnitude to make some expensive thing seem worthwhile (anti-spam appliance, vmware server, hiring a security consultant...) Everyone has an interest it making security breaches seem expensive. It brings more money to your department if you do it. The classic case was the AT&T E911 document which they sold for $13 that was reported as being worth $80K. (Which is about the right rate of markup for any of these calculators - take the answer and divide by 6000 :-) ) G
Current thread:
- Breach Impact Calculator Mark Rogowski (May 04)
- <Possible follow-ups>
- Re: Breach Impact Calculator Graham Toal (May 04)
- Re: Breach Impact Calculator Gary Flynn (May 05)