tag:blogger.com,1999:blog-4482521283458453577.post4240651944583081783..comments2022-10-28T22:01:33.675-07:00Comments on Black Fist Security: Applying Unknowns to Annualized Loss ExpectancyAnonymoushttp://www.blogger.com/profile/10140419541264972382noreply@blogger.comBlogger4125tag:blogger.com,1999:blog-4482521283458453577.post-68508567693050948672009-02-02T10:16:00.000-08:002009-02-02T10:16:00.000-08:00You need to include your ARO (annualized rate of o...You need to include your ARO (annualized rate of occurrence) to get a better number. If SLE is $5,000, but you lose on average two laptops per year, your ALE is $10,000, so a software package with a total lifetime cost estimated at $50,000 is your break-even.<BR/><BR/>I'd also suggest that 2 hours to confirm a compromise is on the low side, unless you meant 2 hours per record lost, then I'd say it might be high. I also usually round up to $50 or $75 as staff cost due to overhead of task-switching, expense to other work not completed in that time, etc. Either number is reasonable IMO.<BR/><BR/>Lastly, I would be suspicious of a salesforce that didn't have more data on their laptops, since that's often requisite for them to do their job. But I'm also paranoid.jthhttps://www.blogger.com/profile/10483661198345556707noreply@blogger.comtag:blogger.com,1999:blog-4482521283458453577.post-32088126510478182742009-01-23T16:01:00.000-08:002009-01-23T16:01:00.000-08:00I calls'em as I sees'emI calls'em as I sees'emAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-4482521283458453577.post-62643172312346412282009-01-22T18:50:00.000-08:002009-01-22T18:50:00.000-08:00@Anonymous:You sir, are a twat!@Anonymous:<BR/>You sir, are a twat!Anonymoushttps://www.blogger.com/profile/10140419541264972382noreply@blogger.comtag:blogger.com,1999:blog-4482521283458453577.post-73631405941977742872009-01-22T17:51:00.000-08:002009-01-22T17:51:00.000-08:00What a Douche Bag! IT this IT that! Go back to the...What a Douche Bag! IT this IT that! Go back to the Connie. IT2 ThompsacAnonymousnoreply@blogger.com