Security's hidden costs
May 24, 2005, 9:04pm PDT | Length: 00:03:07
The costs of security in terms of downtime and clean-up can be considerable. But as Determina's Charles Renert explains, there are also hidden costs, such as false positives and performance hits.
My name is Charles Renert and I'm the head of securityresearch and development at Determina Corporation. I'm here to talk about thehidden cost of security.
We all know that worms and Trojans and a bunch of attacksthat are spreading in the Internet and causing problems and so a lot of folksare looking to security solutions to fix them up. Now, we all agree you'regoing to need some level of security to protect yourself. The question is, doesit cost more than it should in order to protect you?
So, when we're talking about attacks, let's talk about justthe cost of the attacks themselves. I mean you're going to get downtime. Ifyou're attacked, you're going to have to take your machine down. You're goingto have to fix it up. There's a clean-up cost. Maybe you'll lose someconfidentiality. You'll lose some key data on your system, and you'll never beable to effectively recover them. So, when we're talking about cost, maybedowntime is, you know, not substantial. Maybe you can get yourself up quickly.Typically clean up is very expensive. I mean, actually the clean-up of a numberof machines can take a great deal of time and confidentiality is reallyunbounded, but I mean, it can be very sensitive information that you wouldn'twant released and so this can actually be a very critical loss. So, when wetalk about security, the idea is to protect you from these losses.
However, some security has some issues. False positives. Afalse positive is when a security product thinks you're being attacked, whenyou're not. So, you might actually incur a lot of costs here in terms ofdowntime or clean-up that you really didn't need to. Performance. Sometimessecurity solutions actually grind your computer down to a halt or so slow thatyou actually can't use it for what you intended. Again downtime.
Circumvention. Some security products actually don't reallydetect much in the way of a broad class of threat. So when a new attack comes,they're not actually going to be able to protect you. So when that happens,you're effectively reintroducing all of the costs.
And then finally, there's an operational cost. So, in orderto manage security, frequently solutions will require training or updates orother things that require you to go and modify your system and do a number ofupdates.
So, what I want you to take away is that, with respect tosecurity, you want to make sure that as you're trying to protect against thecosts here, that you're also avoiding the costs here because if you're actuallynot careful, what can wind up happening is you'll just wind up paying lots.