Greater spending on cybersecurity products hasn't led to a better organizational security posture. Despite the millions of dollars organizations spend year after year, the average cost of a cyberattack jumped by 50 percent from 2018 to 2019, hitting $4.6 million per incident.
Labor-intensive security solutions like signature-based heuristics, machine learning and threat hunting all require a large SOC operation to monitor and manage them. Machine learning tools don't reduce this demand for skilled human expertise, as a large team of cyber researchers is needed to train the ML model and repeatedly place heuristics on new malware - a significant expense that is built into the cost of the product.
These strategies need to be built into a solution in order to ensure its cost efficiency:
- Focus on prevention. Select a solution that stops a cyber-attack before execution. A detection and response approach costs far more than prevention. Prevention of data breaches or other attacks reduces the organization's financial exposure from all perspectives, from remediation costs to productivity loss and liability costs.
- Look at the metrics. A cybersecurity vendor should be able to provide metrics that demonstrate its solution achieves high detection rates with low false-positive rates.
- Reduce and minimize security layers. Because more agents on an endpoint don't reduce the likelihood of a breach, resist the temptation to implement the many niche products available in the market. A more effective option is to select one platform that covers all the devices and operating systems present in an enterprise's ecosystem.
- Greater Automation. Automating more cybersecurity tasks to detect and prevent threats reduces both dependence on human expertise and the risk of human error.
The Strength in Simplicity
When CISOs are considering different solutions, each vendor should be able to give them a one-page product sheet that clearly defines the broad scope of a solution's quantifiable benefits; the range of environments it provides coverage for; the operating systems it can be applied to; and what processes it can automate. The one-pager should also make clear whether the solution takes a predict-and-prevent posture or a detect-and-respond one.
The goal should be to find a single agile solution that can check the box on all these strategies, which combine to increase both cost efficiency and enterprise security.