Return on Security Investment (ROSI) . This discussion item is part of the Analysis of Alternatives exercise. Your CISO has asked you to lead a Brown Bag lunch discussion about the costs and benefits of investments in security technologies. The reading assignment for this discussion is: Introduction to Return on Security Investment: Helping CERTs assessing the cost of (lack of) security. You have been asked to prepare a short discussion paper to be used to spark discussion amongst the attendees. Your paper must address the following: What is the ROSI calculation? How is it used to evaluate cybersecurity technologies? What are the limitations of this metric? How can this metric be used to evaluate one or more of the technologies selected for study? (refer back to Week 6) Post your three to five paragraph short paper as a response to this discussion topic. Include APA format citations and references as appropriate to the information used and the sources from which you obtained that information. Reference European Network and Information Security Agency. (2012). Introduction to Return on Security Investment: Helping CERTs assessing the cost of (lack of) security. Heraklion, Crete, Greece: Author. Retrieved from https://www.enisa.europa.eu/activities/cert/other-work/introduction-to-return-on-security-investment/at_download/fullReport

    Reappear on Defence Cannonade

    ROSI Circumspection

    ROSI circumspection is an evaluation used by twain specific and generally-known constructions to substantiate the virtual impairment which be saved through a detail defence cannonade. The circumspection involves differentiating the monetary estimate that an cannonade has with monetary estimate that is implicated in promote abatement.  Quantitative promote toll is used in estimating the promote of the monetary estimate (UcedaVelez, 2008). The ROSI circumspection brings conjointly the consume of implementing a detail defence and the quantitative promote toll so as to collate the annual impairment expectancy with the impairment that is expected to be saved.

    Cyberdefence Technologies

    Cyberdefence has grace a elder moment with construction adopting technologies that obviate axioms impairment and impairment. The ROSI circumspection can be used to evaluate the technologies life applied in cyberdefence through indicating how plenteous an construction should dissipated coercion the cybersecurity. So, the circumspection indicates whether the defence technologies are ample to minimize expected impairmentes. Through the ROSI circumspection sentence makers are efficacious to substantiate benefits and avail from the technologies conjointly with impairmentes if the defence is not attributable attributable attributable implemented.

    Limitations of ROSI Circumspection

    The ROSI circumspection principally relies on nature which is a elder disrecommendation if wickedness estimates are manufactured qualitative to virtual impairmentes. Estimating the gentleman consume of cyberdefence using ROSI accordingly incidents that threaten axioms impairment alter from specific environment to the other. So, the deduction can be manipulated abundantly by the users to solution their specific attention thus putting advice at promote. ROSI circumspection on cyberdefence technologies uses the Gordon and Loeb example which depends on approach hence a proud promote of inaccuracy (UcedaVelez, 2008).

    Evaluation of Technologies

    The ROSI circumspection can be used to evaluate technologies such as massive axioms indicating the totality of defence needed to cover the axioms. The circumspection so shows the virtual impairment that can be incurred if the massive axioms is impairmentd. Due to the proud share and capacity of massive axioms, ROSI illustrates the defence cannonade required and whether the totality life paid is merit it.

     

    References

    European Network and Advice Defence Agency. (2012). Introduction to Reappear on Defence Cannonade: Helping CERTs assessing the consume of (bankruptcy of) defence. Heraklion, Crete, Greece: Author. Retrieved from https://www.enisa.europa.eu/activities/cert/other-work/introduction-to-return-on-security-investment/at_download/fullReport

    UcedaVelez, T. (2008). What’s the reappear on your defence cannonade?. Journal of Corporate Accounting & Finance, 19(5), 61-67.