Why Prevention is Better Than Protection

Reblogged from IS&T Security FYI:

An analysis of the cost of a breach that occurred at Idaho State University (ISU) shows that this one incident will cost the university four times as much (about $1M over two years) as the university would have normally spent on IT security in the same amount of time.

The cost of avoiding the incident which was blamed on a change in firewall policies that exposed servers, would have cost the university only $75,000, that is 7.5% of the cost of the incident.

Read more… 46 more words

IS&T Security FYI

An analysis of the cost of a breach that occurred at Idaho State University (ISU) shows that this one incident will cost the university four times as much (about $1M over two years) as the university would have normally spent on IT security in the same amount of time.

The cost of avoiding the incident which was blamed on a change in firewall policies that exposed servers, would have cost the university only $75,000, that is 7.5% of the cost of the incident. This preventative cost includes critical security control (secure configurations for firewalls, routers and switches), continuous vulnerability assessment and remediation, and maintenance, monitoring and analysis of audit logs.

The bottom line: spending $75,000 would have avoided the $1 million price tag of the breach. Read the full story online.

View original post

Advertisements