1.3. What Is the Cost of Lax Security Policies?

There are really two costs involved with lax network security: quantitative and qualitative. Quantitative costs, the ones most often discussed, are those that have the most immediate impact on the corporate bottom line, but qualitative costs can be just as important to a company in the long run.

According to The Yankee Group, network attacks accounted for $1.2 billion in lost revenue in 2000. That number doubled in 2001, and is expected to double again in 2002. Lost revenue is an example of a quantifiable cost of a security incident.

There is no universal formula to calculate the quantifiable costs of a network attack. There are, however, some commonalities that you can use to help develop your ...

Get The Practice of Network Security: Deployment Strategies for Production Environments now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.