Tag Archives: NIST 800-30

The Hand Rule: Managing the Upper Limits of Security Costs

While presenting a talk at CAMP IT last week, I got into a number of conversations with attendees about the Hand Rule. At HALOCK Security Labs we talk about the Hand Rule a lot. Also known as the Calculus of Negligence, it is a way for an organization to mathematically estimate what a “reasonable” investment […]