« Can you get ROI from reduced costs? | Main | Batman's cell phone database encryption »

How to tell when "nothing happens"

One of the challenges in security is that folks suggest that when you are successful nothing happens. I like the paradox of this and often use an analogy to Y2K as an example of this phenomenon.

The only problem is that, it isn't really true that "nothing happens" when you employ some specific security control to prevent an exploit. Not only that, but even when it is difficult to collect data on what didn't happen, one can devise experiments to tell how frequently that nothing occurred.

Using better reporting and data correlation techniques, it is possible to measure the effect that a security solution had on an organization. The key is to find some control group, either within the company or some other organization. Even better these days, an organization can employ honeypots to provide much more information on what didn't happen.

Bottom line: you definitely have to be creative, and it will be challenging, but you CAN tell when "nothing happened."

September 12, 2008 |

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d8345207f669e2010534a5089b970c

Listed below are links to weblogs that reference How to tell when "nothing happens":

Comments

Verify your Comment

Previewing your Comment

Posted by:  | 

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment