T is the cost of the intrusion detection tool.To determine our return on security investment (ROSI) we simply subtract what we expect to lose in a year (ALE) from the annual cost of intrusion.Doing this equation yields the Annual Loss Expectancy.E is the dollar savings gained by stopping any number of intrusions through the introduction of an intrusion detection tool. R is the cost per year to recover from any number of intrusions.(R-E) + T = ALE R – (ALE) = ROSIThe Earlier You Invest in Security, the Greater the ReturnResearchers found that you get a 21% return on your security investment at the software design phase, a 15% return at the implementation stage and a 12% return at the testing stage.RETURN on security investmentSOFTWARE ENGINEERING PROCESSsource: MIT/Stanford/@stake For More Information on the Economics Behind Securitywww.digitaleconomist.comA good primer on economic terms and techniques, including concepts such asindifference curves.cisac.stanford.edu/docs/soohoo.pdf Stanford economist Kevin Soo Hoo’s thesis on quantifying infosecurity. It’s a little math-heavy, but it contains excellent data on the history of the problem and a proposed model for fixing it.www.cert.org The CERT website has an entire page devoted to emerging research on survivability and the quantification of it. It includes the research highlighted here. Related content brandpost Sponsored by Freshworks When your AI chatbots mess up AI ‘hallucinations’ present significant business risks, but new types of guardrails can keep them from doing serious damage By Paul Gillin Dec 08, 2023 4 mins Generative AI brandpost Sponsored by Dell New research: How IT leaders drive business benefits by accelerating device refresh strategies Security leaders have particular concerns that older devices are more vulnerable to increasingly sophisticated cyber attacks. By Laura McEwan Dec 08, 2023 3 mins Infrastructure Management case study Toyota transforms IT service desk with gen AI To help promote insourcing and quality control, Toyota Motor North America is leveraging generative AI for HR and IT service desk requests. By Thor Olavsrud Dec 08, 2023 7 mins Employee Experience Generative AI ICT Partners feature CSM certification: Costs, requirements, and all you need to know The Certified ScrumMaster (CSM) certification sets the standard for establishing Scrum theory, developing practical applications and rules, and leading teams and stakeholders through the development process. By Moira Alexander Dec 08, 2023 8 mins Certifications IT Skills Project Management Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe