Optimising Security

There is a great post today by my friend Daniel Baird over at his site Outside the Asylum on Optimising Security.

It shows the relationship between the cost of security, risk and profitability of an organisation.

As I commented on his site, I can see a number of follow up posts on this and how you flesh out the data-points that support it. It is a juggling act that every one of us in the information security space plays.