contents

software
 
Comsec Consulting Launches Security Cost Analysis Tool

Comsec Consulting has announced the availability of a specially designed Security Cost Analysis Tool (S.C.A. Tool), to assist in the identification and assessment of the value of security controls and countermeasure investments.

The S.C.A. Tool is a unique application, developed in-house by Comsec Consulting, which has been created specifically to enable organisations to identify their overall expenditure on security and to establish whether this investment is effectively meeting their business security requirements.

The Tool assists the enterprise in structuring an approach to gather all the information needed to calculate security costs and risk value, within three primary areas; people and processes, technology and physical controls. The database behind the tool allows analysis of 560 individual parameters which affect over 50 different security control groups, as well as identifying 19 different types of enterprise breach and fraud abuse scenarios. The S.C.A. Tool can be individually customised and is able to provide a clear picture of spend, process and efficiency of an organisation's security controls and countermeasures.

The Tool is pre-populated with information gathered from Comsec's experience, as well as publicly available sources of data, which allows the security professional to generate a quick first cut model of potential spend and risk. In combination with Comsec's security methodology, the data is fine tuned with information gathered from different parts of the enterprise. This assists in determining security spend, identifying where duplication or redundant controls lie and details the business impact of security breach losses and internal fraud losses.

The Security Cost Analysis Tool (S.C.A. Tool) is being launched as an additional feature of Comsec's IT Security Cost Management approach and is available to enterprises looking to manage security spend without compromising the level of security overall.



write your comments about the article :: 2009 Computing News :: home page