Access "Layer 8: SOX security spending is an old, wrinkled tactic"
This article is part of the November 2005 issue of Comparing five of the top network-based inline IPS appliances
Those who have used the law to justify their infosecurity projects must answer for their spending. I recall a college philosophy course that had us wrestle with the question, "Does it pay to be ethical?" Perhaps a more current rephrasing of the inquiry would be, "Does it pay to be SOX-compliant?" The answer depends on not just ethical considerations, but also political and economic factors. If the sole purpose of the Sarbanes-Oxley Act is to prevent another Enron/Tyco/WorldCom debacle, then everything being asked of IT is a waste of time. If SOX is purely a political measure designed to ensure the re-election of congressmen, then it's obviously a waste of IT's budget. But if the purpose of SOX is to improve revenue for the auditing firms, then it has been a resounding success. The last several centuries of capitalism demonstrate that an independently verified level of transparency and governance is beneficial to investors and other stakeholders. Although national legislation and enforcement is a messy and imprecise instrument, there doesn't seem to be any ... Access >>>
Premium Content for Free.
Secure Reads: Contemporary Cryptography
Read a review of the book Contemporary Cryptography.
Application Security: Secure Software's CodeAssure Suite
Secure Software's CodeAssure Suite
Avoiding Network Traffic Confusion with Consistent Firewall Rules
Keep network traffic flowing by collaborating firewall rules and network access devices.
Content Filtering: InterScan Web Security Suite 2.5
Trend Micro's InterScan Web Security Suite 2.5
Antispyware: SurfControl's Enterprise Threat Shield 3.0
by Steven Weil, Contributor
SurfControl's Enterprise Threat Shield 3.0
ZyXEL Communication's ZyWALL P1
- Secure Reads: Contemporary Cryptography
Hot Pick: SecureWave's Sanctuary Device Control 3.0.1
SecureWave's Sanctuary Device Control 3.0.1
E-mail Security Guide for Managers
Staying on top of the latest e-mail threats.
Vulnerability tools provide a realistic view of the enterprise, where vulnerabilities are viewed in the context of the IT landscape.
Recent Releases: Security product briefs, November 2005
Learn about the security products that launched in November 2005.
On the Line
See how five IPS appliances match up against attacks.
- Hot Pick: SecureWave's Sanctuary Device Control 3.0.1
Editor's Desk: An email security guide for managers
Knights of Spamalot
Layer 8: SOX security spending is an old, wrinkled tactic
Ping: Katrina's Security Survivors
Katrina's Security Survivors
Perspectives: ITIL has application in security
The Information Technology Infrastructure Library (ITIL) is a set of best practices and guidelines for managing IT services can be applied to information security.
- Editor's Desk: An email security guide for managers
More Premium Content Accessible For Free
Enterprises leverage open source software for the perceived quality of the code, but the Heartbleed flaw has made many question their use of ...
The network of today's enterprise is larger and more diverse than ever, which means there's more for hackers to attack. So as enterprises update ...
In the rush to capitalize on big data, many companies forget that developing an ecosystem of structured and unstructured data means higher risk of ...