Technology solutions are rarely one-size-fits all. But nowhere is this more true than in cybersecurity, where an individual company’s needs are as specific as they are complex. Add to that the high cost of failure and you’ve got tremendous pressure to make the right investments — ones that are powerful and customized enough to meet your security needs.
All investments demand ROI, but let’s examine the best way to shape your cybersecurity ROI against this backdrop of particularly high stakes and highly specific enterprise requirements.
As if the technical complexities and the existential risk a major breach can pose to organizations weren’t daunting enough, keep in mind that companies today operate in an increasingly challenging regulatory environment. The best cybersecurity protections need to take these requirements into account, and go beyond them.
On the liability front, for instance, GDPR was enacted last year in Europe but has implications for companies around the world, given the global nature of the internet. And on the transparency front, the Security Exchange Commission’s updated Guidance on Public Company Cybersecurity Disclosures up the ante for fast accurate disclosures of cybersecurity incidents. Cybersecurity solutions that don’t scale or perform at the speed of business can’t survive for long between this rock of liability and hard place of transparency.
Survival is not the same as ROI, however, meaning the optimal ROI comes from not just meeting the regulatory bar for compliance, but from exceeding it.
For instance, the latest Verizon Data Breach Report showed that the average dwell time, the duration a threat actor was able to lurk within systems before detection, was well over a year. Once discovered, the clock may be ticking for disclosing what you found — and perhaps your average cybersecurity solutions might be able to help with recovery efforts to minimize liability and forensics for timely reporting. But wouldn’t it be better to have a solution that found a way — through network traffic analysis or similar means — to detect the intruder earlier to begin with?
Another way to optimize ROI is to ensure your cybersecurity solution is configured to protect whatever it is you value most. Consider how a lot of the world’s largest breaches involve theft of customer data. These can be devastating, but survivable, given that credit card numbers can be replaced and customer loyalty can be won back if the target is Target or other large companies with the resources to endure and bounce back.
But what if the stolen information is intellectual property? When what’s exfiltrated is pirated entertainment content or a taxonomy of all the valuable company secrets that define your offerings, no amount of patching and disclosure can reverse what may be years of lost research, investment and competitive advantage. Similarly, what if your business involves OT or Critical infrastructure, where lives may be at stake?
Like any other business decision, your cybersecurity posture should be subject to a rigorous cost-benefit analysis. That analysis should be nuanced enough to get an accurate picture of the assets that define your company’s value; the specific and measurable damage you’d suffer if those assets were compromised; and the lessons those insights give about what your cybersecurity protections should look like.
As we mentioned at the outset, every company’s formula for optimizing ROI will be different. In a future post, we’ll look more closely at a few common ingredients that boost success.