Trends Report

Determine The Value Of Information Security Assets And Liabilities — Information Security Economics 102

May 8th, 2013
Ed Ferrara
With contributors:
Renee Murphy , Christopher McClean , Thayer Frechette


This is the second in a series of reports providing guidance and new methods for the financial management of information security. The CISO's role is rapidly changing. A few years ago the CISO for many midsize firms was the security operations manager, and the job then was to employ technical skills to keep desktops, servers, and networks protected. Even in larger firms, the CISO still was sharply focused on technical IT security issues. Now, with losses from cybercrime spiraling out of control, security and risk professionals need a broad cross-section of financial skills and tools to be effective defenders of the enterprise. They need to effectively analyze how they allocate security resources to maximize their value to the business. Using a tool like the balance sheet — an information security balance sheet — will help you understand your information posture better, helping you account for the assets and liabilities you have as a security and risk professional.

Want to read the full report?

Contact us to become a client

This report is available for individual purchase ($1495).

Forrester helps business and technology leaders use customer obsession to accelerate growth. That means empowering you to put the customer at the center of everything you do: your leadership strategy, and operations. Becoming a customer-obsessed organization requires change — it requires being bold. We give business and technology leaders the confidence to put bold into action, shaping and guiding how to navigate today's unprecedented change in order to succeed.