Measuring the value of information security programs is difficult and a problem for the entire industry. In the second of the three part series, Intel discusses a practical approach to determine value of information security initiatives. Intel security professionals Tim Casey, Enrique Herrera, and Matthew Rosenquist discussed the success of Intel’s security value methodology outlined in the Whitepaper - Measuring the Return on IT Security Investments
Listen to how Intel utilizes this strategy as one means to measure the value of security programs. The whitepaper is available for download.
The 30 minute discussion can be replayed here:
The last of the three part series, Future State of Security Measurement, will occur on Wednsday June 4th. Everyone is welcome to participate or just listen in. Details can be found here:
http://communities.intel.com/openport/blogs/it/2008/05/12/how-do-you-measure-something-that-doesnt-happen