ABSTRACT
The monitoring and management aspects, in particular, require nontrivial expertise for meaningful action based on the data generated by the security system. The price of security for many organizations has come to include the cost of proving, to the satisfaction of an auditing organization, that the security policies, procedures, and infrastructure of the organization are compliant with all relevant regulations under which the organization must operate. The cost of designing, deploying, and managing a security infrastructure will be the most significant part of the total cyber-security budget. In data security terms, those costs would be tied to issues such as reduced network throughput or increased help desk calls to deal with security-related issues. The lost revenue resulting from primary business halt was nontrivial, and even when the certification was renewed, there was a lingering effect on consumer confidence in the security of credit card transactions.
