SecurITree is Better

4: Determine the ROI of potential security investments

Some would say this is the Holy Grail of security analysis. With SecurITree it isn't hard at all to estimate ROI. SecurITree shows you which attacks (for a given type of adversary) are likely to occur given a particular system configuration, along with the corresponding business or organizational impact. The analyst then changes the model to reflect the proposed improvements, and the analysis is repeated to determine the reduction in attack impact. If the improvement is greater than the cost of the proposed solution, the ROI is positive. The higher the ROI, the better the solution.

SecurITree allows potential solutions to be compared. With SecurITree you will know (before implementing) whether a solution is effective (i.e., it will work) and cost-effective (i.e., you save more than you spend). We have seen many cases where SecurITree highlighted an inexpensive procedural change as being less costly and more effective than sophisticated technological solutions. SecurITree can also show when solutions aren't worth implementing.

Most vendors sell tools to solve problems. SecurITree shows you which problems are worth solving!