July 13, 2005

Sarbanes-Oxley spending drains security budgets

ComputerWeekly is reporting that corporate spending on SOX diminishes their security budget.

    International corporate spending on compliance with the Sarbanes-Oxley data security legislation has come at the expense of dealing with other security threats, according to the Information Security Forum (ISF).

    An ISF report said that many of its members expected to spend more than $10m (£5.7m) on complying with the US Sarbanes-Oxley legislation.


Are we forgetting that money you are spending on SOX should be put towards securing your data and creating accountability?! They make it sound like the SOX legislation requires that companies pour money into a black hole that does nothing to improve the overall security posture of a company.

If you are not allocating funds properly then fire your current consultants and hire someone who knows what they are doing and can provide you with cost effective, creative and overlapping solution. Quit complaining and get with the program.

[via Help Net Security]

Posted by volubis at July 13, 2005 06:10 PM | TrackBack