Access "Layer 8: SOX security spending is an old, wrinkled tactic"
This article is part of the November 2005 issue of Comparing five of the top network-based inline IPS appliances
Those who have used the law to justify their infosecurity projects must answer for their spending. I recall a college philosophy course that had us wrestle with the question, "Does it pay to be ethical?" Perhaps a more current rephrasing of the inquiry would be, "Does it pay to be SOX-compliant?" The answer depends on not just ethical considerations, but also political and economic factors. If the sole purpose of the Sarbanes-Oxley Act is to prevent another Enron/Tyco/WorldCom debacle, then everything being asked of IT is a waste of time. If SOX is purely a political measure designed to ensure the re-election of congressmen, then it's obviously a waste of IT's budget. But if the purpose of SOX is to improve revenue for the auditing firms, then it has been a resounding success. The last several centuries of capitalism demonstrate that an independently verified level of transparency and governance is beneficial to investors and other stakeholders. Although national legislation and enforcement is a messy and imprecise instrument, there doesn't seem to be any ... Access >>>
Premium Content for Free.
Secure Reads: Contemporary Cryptography
Read a review of the book Contemporary Cryptography.
Application Security: Secure Software's CodeAssure Suite
Secure Software's CodeAssure Suite
Avoiding Network Traffic Confusion with Consistent Firewall Rules
Keep network traffic flowing by collaborating firewall rules and network access devices.
Content Filtering: InterScan Web Security Suite 2.5
Trend Micro's InterScan Web Security Suite 2.5
Antispyware: SurfControl's Enterprise Threat Shield 3.0
by Steven Weil, Contributor
SurfControl's Enterprise Threat Shield 3.0
ZyXEL Communication's ZyWALL P1
- Secure Reads: Contemporary Cryptography
Hot Pick: SecureWave's Sanctuary Device Control 3.0.1
SecureWave's Sanctuary Device Control 3.0.1
E-mail Security Guide for Managers
Staying on top of the latest e-mail threats.
Vulnerability tools provide a realistic view of the enterprise, where vulnerabilities are viewed in the context of the IT landscape.
Recent Releases: Security product briefs, November 2005
Learn about the security products that launched in November 2005.
On the Line
See how five IPS appliances match up against attacks.
- Hot Pick: SecureWave's Sanctuary Device Control 3.0.1
Editor's Desk: An email security guide for managers
Knights of Spamalot
Layer 8: SOX security spending is an old, wrinkled tactic
Ping: Katrina's Security Survivors
Katrina's Security Survivors
Perspectives: ITIL has application in security
The Information Technology Infrastructure Library (ITIL) is a set of best practices and guidelines for managing IT services can be applied to information security.
- Editor's Desk: An email security guide for managers
More Premium Content Accessible For Free
Despite the enormous concerns around cloud security, many information security professionals remain on the sidelines when it comes to their ...
Not only is modern malware getting more prevalent and sophisticated, it's also now focusing on a broader array of targets. Attackers would still love...
IT Decision Center
Learn how to evaluate your potential vendor's UTM product and its ability to meet your specific business requirements.