I'm out of the office

First, Swansea council mess up the translation of one of their signs: the Welsh says "I am not in the office at the moment. Send any work to be translated".

Now, English councils are banning everyday Latin phrases, like 'vice versa' and 'via'.

It's worrying, isn't it?

Can you help with the following article? This article will be appearing in SC Magazine. SC features on specific technologies and trends are designed to inform IT security professionals about the state of the art in that area.

Deadline for leads is 7th November 2008. Email me or leave a comment below.

Extending the ROI on information security expenditure

How Information Security Professionals (ISP) can ensure that their investment in technology, people and consultants actually pays off. What are the best ways to ensure they get value for money, please the CEO and CFO and improve security - all at the same time?

The conundrum of being an effective information security professional is that if you do a good job then there aren't any tangible results -- you can only point to reduced or zero breaches. If the board sees that the company seems to be insulated from attack it may be hard to get agreement for increased spend or bigger teams.

The problem is that the board doesn't see what you see. They don't know that you and your team are working 14 hours a day just to keep up with the waves of attacks and patching old systems.

So how does the CISO:

- Devise a budget

- Model the likely level of attack for the next four quarters (risk assessment)

- Audit current system architectures

- Work out how much to spend

- Get the best value and deals from vendors and consultants and resellers

- Prove to the board that without the investment and spend required the company would suffer monetary loss

- Prove what the ROI would be on security spend

What skills does a CISO need to do all this? Are there any software tools available that can help? Can consultants help?

Should information security actually be exempt from proving ROI, as it is necessary in the same way as physical security like alarms, fire exits, CCTV etc, which most of the time are redundant to the functioning of the company's core business?

Box 1 recessionary times
This feature has become all the more topical given the current financial crisis and the impending recession, but there are two schools of thought at the moment. One is that security spend will hold up, as it's the one area that business cannot afford to skimp on because attacks may increase. Others, however, think that it is unlikely and that spending will be squeezed on security, and at the very least legacy systems will be patched and made to last and 2009 budgets will remain static at best - cut at worst. What is the truth about all this? Who is right?

Box 2 CASE STUDY
An interview with a CISO or CSO from a well known business about how they configured their budget, got buy-in from the board and possibly devised a system to prove ROI on their architecture, policies and staff.

Highbury payouts at last


Well, it's nearly been three years coming, but finally BDO Stoy Hayward have started paying out the monies owed from the Highbury ring-fenced fund.

A letter arrived in this morning's post with a cheque for the full amount I was owed by Highbury for work on iCreate in January 2006. According to the letter, the trustees of the New Credit Trust applied to the court for an order confirming the beneficiaries; the court made the order on the 8th September and they're now paying out.

Once the Trustees have completed all initial distributions, they will be contacting those parties who potentially have further Trust monies outstanding to them in order that they may prove whether their debt falls within the Trust period, which was from 12 December 2005 to 20 January 2006.

Hopefully, everyone will get their cheques through soon then.

August holiday

I'm going to be on holiday from Friday 1st August for a fortnight. If you leave a message on my voicemail or send me an email, I'll get back to you as soon as I can when I return.

Picking a gym


Finding the right gym is something of an artform. I'm not sure I've mastered it though. I spent a good week or so investigating the local gyms, ended up joining one in London Bridge and I'm not sure I made the right decision.

Virgin Active - Strand
Very nice. Very shiny. Lots of machines. Has a relatively small pool. Most of the free weights were available. Just hideously expensive, not quite as easy to get to for me as ones near London Bridge and the membership person wasn't very helpful. You also have to fill out a whole lot of forms to even get a trial. Towel service extra. Men's toilets were a bit nasty.

Fitness First - Beckenham
Good equipment. Good use of space. Helpful membership person. Towel service extra. Just a little bit soulless and very hard to get to by train and public transport.

Virgin Active - Bickley
Easy to get to if you're going by train from Victoria, since it's near Bickley station. Great facilities. Lovely pool. Massive number of machines and free weights, including the fabled power plates. Has a good café. Nicely priced too. If it had been better located, I would have joined this one (and still might).

Fitness First - Cottons (London Bridge)
The one I actually joined. Reasonably priced (compared to Virgin Active - Strand anyway). Has a smallish pool. However, it's always busy; the front of counter staff and membership staff don't seem to care; they messed up my health check-up booking so I never got it; the pool flooded the lower levels; I've been turfed out once because they were closing the gym at 3.00pm to connect it back up to the National Grid; almost all the doors have been taken off the men's lockers (I don't know why); they gave me someone to set up a training programme who had never used half the machines; and it closes at 6pm on Saturdays and Sundays (I was turned away at 5.30pm). And all that in only the last fortnight. Towel service included though.

Going to Wales for the weather


Weather in London

Snowy M25

Weather in Wales

View from St David's Hotel and Spa

What's up there then?

Pancake Day excitement


It's Shrove Tuesday today. Does it say something about me that I'm more excited by the thought of Pancake Day than I get about my own birthday?

Christmas subs joke


Q: What are Santa's little helpers called?
A: Subordinate Clauses

Christmas break


I'm going to be on Christmas break between the 22nd December 2007 and the 1st January 2008. You can send me an email or leave a message on my voicemail and I'll get back to you on the 2nd January.

Shots of Paris


We went for a short weekend in November before the EuroStar switched over to St Pancras. Here are some piccies:

The Pompidou Centre from a couple of different angles

