lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <CAH8yC8=0N4HUCyhU2=HKd51G4ATNV6G6Rhdc1-cOUdLhDZEvnA@mail.gmail.com>
Date: Wed, 12 Oct 2011 21:31:41 -0400
From: Jeffrey Walton <noloader@...il.com>
To: gillis jones <gillis57@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Cost of Hacks?

On Wed, Oct 12, 2011 at 9:14 PM, gillis jones <gillis57@...il.com> wrote:
> Hi Guys,
>
> First and foremost, apologies if you feel this is spam- don't mean to, just
> trying to harvest some knowledge... I am looking into the overall cost of a
> hack, trying to figure out what kind of actual costs are incurred by
> businesses when they are hacked, so a few things:
>
> Do you have any real world figures you would be able to provide me,
> officially or unofficially- that would reflect the real cost to business of
> hacking? These Include:
>
>                    A. Any cost for personnel repurposing.
>                     B. Any cost of resources for Bandwidth, Cloud Computing
> Cycles Consumed, or other miscellaneous expenses associated with an active
> attack.
>                     C. Cost of regulatory compliance updates ( So, say
> someone is inside of PCI compliance during an attack, the cost of re-upping
> their compliancy and any associated costs.)
>                     D. Hard losses due to product stolen/destroyed/rendered
> useless
>                     E. Projected losses due to customer turnover and/or loss
> of customer trust relationship.
>                     F. Customer Interaction/Trust Relationship Costs
> (Notifications,Call Center Volume Redistribution for Questions regarding
> breach, Discounts)
>                     G. Losses due to fines and lawsuits
>                     H. Cost of Public Relations Management
>
> I am trying to come up with some idea of what the real cost is, not just the
> cost that corporations cite when they want to look like they are paying the
> price already for their "sins" but not enough that stockholders take
> notice...
Similar was recently asked on SecurityFocus mailing list. See
"financial loss estimates? ",
http://www.securityfocus.com/archive/105/520013/30/0/threaded.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ