“A company with at least 10,000 accounts to protect can spend, in the first year, as little as $6 per customer account for just data encryption, or as much as $16 per customer account for data encryption, host-based intrusion prevention and strong security audits combined,” Litan said in an accompanying statement. “Compare [that] with an expenditure of at least $90 per customer account when data is compromised or exposed during a breach,” she added.So if you split the difference and spend $10/customer on security as prevention, that stitch in time really does save nine stitches fixing it later. Prevention is good risk management.
-jsq
PS: Seen on Steve Hagen’s Network Security Journal.