Making a security and compliance investment: how to value what you pay for
Abstract
Purpose
The purpose of the paper is to emphasize the need for technology and people investments in security and compliance and to show the cost of not making such investments.
Design/methodology/approach
The paper describes direct and indirect costs of database intrusions and data thefts, shows ways in which the cost of technology can be justified, and shows examples of how return on investment (ROI) can be calculated.
Findings
The paper finds that, in today's data‐sensitive climate, automation of stronger data protection practices has become an essential activity.
Originality/value
This paper is a practical reminder that security does not come without investment in appropriate automated systems along with related policies and other safeguards.
Keywords
Citation
Mazer, M. (2007), "Making a security and compliance investment: how to value what you pay for", Journal of Investment Compliance, Vol. 8 No. 3, pp. 75-78. https://doi.org/10.1108/15285810710824125
Publisher
:Emerald Group Publishing Limited
Copyright © 2007, Emerald Group Publishing Limited