Andy Ellis recently released a book on leadership called "1% Leadership" and has been releasing small lessons like this, piecemeal, to his Substack.
I talk about negative value all the time, but more often in terms of actual financial impact when trying to solve security problems or create controls. If you bought a $250,000 product, and in the first 6 months, it triggered ELEVEN false positives, and ZERO true positives, what's the value of that product? I endeavored to answer this question with a precise dollar figure.
Investigating the false positive, and providing the vendor with data so they could figure out why the false positive happened, took roughly 4 hours of labor every time. That's 44 hours of a junior analyst's time, or about $2000.
When adding in the labor involved in implementing this $250,000 product, at the 6-month mark, it had produced around -$275,000 in value (that's a negative, below zero). Put this way, it wasn't hard to justify killing the renewal at the 1-year mark.
When you consider that everyone's time has a dollar figure attached to it, it's possible to apply this method to anything the security team does. Fourteen people in a single one-hour meeting? That comes with a cost that might be higher than you'd realize - probably in the thousands of dollars, depending on each individual's salary or billable rate.