It's difficuilt to say how much exactly does a business loose, how much they report lost to IRS(US Taxation).
However a couple of "factoid" opinions can be formulated.
A. Exposure/non-exposure is not guaranteed, sometimes even the best protected business will have virii/malware walked in via laptops and vpn's.
B. The bigger the beuracracy the greater the cost, the less flexible the business and the more teirs in their chain of command the more stops on the way to a cure and the more junk left behind by people who are "willing to take the risk", "do not need to replace this in this fiscal quarter", "downsize systems administrators", "Microsoft and Cisco are the only way to go", "We're not supporting more than one operating system here!".
C. Administrativa does not replace security. You can tell a user not to do something a thousand times just to see them do it again. This includes policies such as "do not bring your laptops/data/crap" from home and plug it in to the corporate LAN, "don't run AOL, etc...", do not install Corp VPN client on your home computer without a firewall.
D. Antivirus software is most likely allready present in most corporate and home setups (unless in dark ages) and hence it's the failure of this technology that causes outbreaks.
E. The larger the warehouse of administrative/clerical/non-technology workers using Windows(tm)/Office(tm) the greater the chance for an all-out systems down. Esp. if this cubicle field is adjescent to a Windows NT/2000(tm) server room with Microsoft Certified Systems Engineers (MCSE) running the show, shaparoned by a Microsoft Certified IT Manager (MCIM) who reports to a Microsoft Certified Cheif Information Officer (MCCIO)(tm).
(but I digress)
F. The less able the business to do business without computers the greater the cost.
eg. All systems down in a Used Car lot means they cannot print contracts or run computer based credit/load check, however paper still works great. All systems down in a Webhosting company is an immediate loss, followed by a long-term customer loss which can reflect directly into dollars.
That all being said, I think the numbers are BULL****! BULL****! BULL****!
They are brought to you by the same people who slap those "Information Security Incidents may cost this business $10000000000000000 per incident" posters near the water cooler.
Scary enough though people get convicted for crimes under the same "public scare" principle though.
Slashdot Mirror
It's difficuilt to say how much exactly does a business loose, how much they report lost to IRS(US Taxation). However a couple of "factoid" opinions can be formulated. A. Exposure/non-exposure is not guaranteed, sometimes even the best protected business will have virii/malware walked in via laptops and vpn's. B. The bigger the beuracracy the greater the cost, the less flexible the business and the more teirs in their chain of command the more stops on the way to a cure and the more junk left behind by people who are "willing to take the risk", "do not need to replace this in this fiscal quarter", "downsize systems administrators", "Microsoft and Cisco are the only way to go", "We're not supporting more than one operating system here!". C. Administrativa does not replace security. You can tell a user not to do something a thousand times just to see them do it again. This includes policies such as "do not bring your laptops/data/crap" from home and plug it in to the corporate LAN, "don't run AOL, etc...", do not install Corp VPN client on your home computer without a firewall. D. Antivirus software is most likely allready present in most corporate and home setups (unless in dark ages) and hence it's the failure of this technology that causes outbreaks. E. The larger the warehouse of administrative/clerical/non-technology workers using Windows(tm)/Office(tm) the greater the chance for an all-out systems down. Esp. if this cubicle field is adjescent to a Windows NT/2000(tm) server room with Microsoft Certified Systems Engineers (MCSE) running the show, shaparoned by a Microsoft Certified IT Manager (MCIM) who reports to a Microsoft Certified Cheif Information Officer (MCCIO)(tm). (but I digress) F. The less able the business to do business without computers the greater the cost. eg. All systems down in a Used Car lot means they cannot print contracts or run computer based credit/load check, however paper still works great. All systems down in a Webhosting company is an immediate loss, followed by a long-term customer loss which can reflect directly into dollars. That all being said, I think the numbers are BULL****! BULL****! BULL****! They are brought to you by the same people who slap those "Information Security Incidents may cost this business $10000000000000000 per incident" posters near the water cooler. Scary enough though people get convicted for crimes under the same "public scare" principle though.