Security Management Strategies for the CIOAccess "Layer 8: SOX security spending is an old, wrinkled tactic"
This article is part of the November 2005 issue of Comparing five of the top network-based inline IPS appliances
Those who have used the law to justify their infosecurity projects must answer for their spending. I recall a college philosophy course that had us wrestle with the question, "Does it pay to be ethical?" Perhaps a more current rephrasing of the inquiry would be, "Does it pay to be SOX-compliant?" The answer depends on not just ethical considerations, but also political and economic factors. If the sole purpose of the Sarbanes-Oxley Act is to prevent another Enron/Tyco/WorldCom debacle, then everything being asked of IT is a waste of time. If SOX is purely a political measure designed to ensure the re-election of congressmen, then it's obviously a waste of IT's budget. But if the purpose of SOX is to improve revenue for the auditing firms, then it has been a resounding success. The last several centuries of capitalism demonstrate that an independently verified level of transparency and governance is beneficial to investors and other stakeholders. Although national legislation and enforcement is a messy and imprecise instrument, there doesn't seem to be any ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Secure Reads: Contemporary Cryptography
Read a review of the book Contemporary Cryptography.
-
Application Security: Secure Software's CodeAssure Suite
Secure Software's CodeAssure Suite
-
Avoiding Network Traffic Confusion with Consistent Firewall Rules
Keep network traffic flowing by collaborating firewall rules and network access devices.
-
Content Filtering: InterScan Web Security Suite 2.5
Trend Micro's InterScan Web Security Suite 2.5
-
Antispyware: SurfControl's Enterprise Threat Shield 3.0
SurfControl's Enterprise Threat Shield 3.0
-
Firewall VPN
ZyXEL Communication's ZyWALL P1
-
Secure Reads: Contemporary Cryptography
-
-
Hot Pick: SecureWave's Sanctuary Device Control 3.0.1
SecureWave's Sanctuary Device Control 3.0.1
-
E-mail Security Guide for Managers
Staying on top of the latest e-mail threats.
-
Aerial View
Vulnerability tools provide a realistic view of the enterprise, where vulnerabilities are viewed in the context of the IT landscape.
-
Recent Releases: Security product briefs, November 2005
Learn about the security products that launched in November 2005.
-
On the Line
See how five IPS appliances match up against attacks.
-
Hot Pick: SecureWave's Sanctuary Device Control 3.0.1
-
Columns
-
Editor's Desk: An email security guide for managers
Knights of Spamalot
-
Layer 8: SOX security spending is an old, wrinkled tactic
Darned SOX
-
Ping: Katrina's Security Survivors
Katrina's Security Survivors
-
Perspectives: ITIL has application in security
The Information Technology Infrastructure Library (ITIL) is a set of best practices and guidelines for managing IT services can be applied to information security.
-
Editor's Desk: An email security guide for managers
More Premium Content Accessible For Free
Next-generation firewalls play by new rules
E-Zine
Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with ...
Developing your endpoint security management transition plan
E-Handbook
This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based ...
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...