Comments on: Implied Probability and Loss Calculations http://spiresecurity.com/?p=27 Risk and Cybersecurity Analysis Wed, 21 Aug 2013 23:28:51 +0000 hourly 1 http://wordpress.org/?v=3.5.1 By: Pete http://spiresecurity.com/?p=27&cpage=1#comment-24 Pete Wed, 12 Aug 2009 22:46:51 +0000 http://spiresecurity.com/blog/?p=27#comment-24 @Stuart -

You are illustrating a common use case, I agree. Believe it or not, there are enterprises in industries with infrastructure security budgets that operate in the way I described.

Regards,

Pete

]]> By: Stuart King http://spiresecurity.com/?p=27&cpage=1#comment-23 Stuart King Wed, 12 Aug 2009 22:04:20 +0000 http://spiresecurity.com/blog/?p=27#comment-23 You’re right from a theoretical point of view but this is not the way things work in the real world. Here, the project is frequently finished and deployed before somebody sticks their hand up and meekly asks if now would be a good time to talk about security. At which point, the budget for the year is fixed and the security director becomes about as welcome as a fart in a spacesuit at the next project meeting when he dare suggest spending two and a half grand on security yet alone two hundred and fifty!

]]>