Access "Layer 8: SOX security spending is an old, wrinkled tactic"
This article is part of the November 2005 issue of Comparing five of the top network-based inline IPS appliances
Those who have used the law to justify their infosecurity projects must answer for their spending. I recall a college philosophy course that had us wrestle with the question, "Does it pay to be ethical?" Perhaps a more current rephrasing of the inquiry would be, "Does it pay to be SOX-compliant?" The answer depends on not just ethical considerations, but also political and economic factors. If the sole purpose of the Sarbanes-Oxley Act is to prevent another Enron/Tyco/WorldCom debacle, then everything being asked of IT is a waste of time. If SOX is purely a political measure designed to ensure the re-election of congressmen, then it's obviously a waste of IT's budget. But if the purpose of SOX is to improve revenue for the auditing firms, then it has been a resounding success. The last several centuries of capitalism demonstrate that an independently verified level of transparency and governance is beneficial to investors and other stakeholders. Although national legislation and enforcement is a messy and imprecise instrument, there doesn't seem to be any ... Access >>>
Premium Content for Free.
Secure Reads: Contemporary Cryptography
Read a review of the book Contemporary Cryptography.
Application Security: Secure Software's CodeAssure Suite
Secure Software's CodeAssure Suite
Avoiding Network Traffic Confusion with Consistent Firewall Rules
Keep network traffic flowing by collaborating firewall rules and network access devices.
Content Filtering: InterScan Web Security Suite 2.5
Trend Micro's InterScan Web Security Suite 2.5
Antispyware: SurfControl's Enterprise Threat Shield 3.0
by Steven Weil, Contributor
SurfControl's Enterprise Threat Shield 3.0
ZyXEL Communication's ZyWALL P1
- Secure Reads: Contemporary Cryptography
Hot Pick: SecureWave's Sanctuary Device Control 3.0.1
SecureWave's Sanctuary Device Control 3.0.1
E-mail Security Guide for Managers
Staying on top of the latest e-mail threats.
Vulnerability tools provide a realistic view of the enterprise, where vulnerabilities are viewed in the context of the IT landscape.
Recent Releases: Security product briefs, November 2005
Learn about the security products that launched in November 2005.
On the Line
See how five IPS appliances match up against attacks.
- Hot Pick: SecureWave's Sanctuary Device Control 3.0.1
Editor's Desk: An email security guide for managers
Knights of Spamalot
Layer 8: SOX security spending is an old, wrinkled tactic
Ping: Katrina's Security Survivors
Katrina's Security Survivors
Perspectives: ITIL has application in security
The Information Technology Infrastructure Library (ITIL) is a set of best practices and guidelines for managing IT services can be applied to information security.
- Editor's Desk: An email security guide for managers
More Premium Content Accessible For Free
FTP gets big files to colleagues and clients fast, but as the headlines remind us, the threat of electronic break-ins is real. This guide to secure ...
As tablets and smartphones become more integrated into business environments, CISOs are scrambling to put effective countermeasures in place. But too...
This Technical Guide examines the necessary elements of, and how to implement, a sound mobile device management strategy. Devices will be lost...