Today, a few hackers may be ideologically motivated, but the majority of attacks are financially-driven crimes. This is seen most clearly in the rise of ransomware; no mystery, just pure and simple extortion. And consider the latest victim of choice, the healthcare industry, sacrosanct in most people’s eyes but merely a lucrative, vulnerable target to cybercriminals. As such, cybercrime follows the economic rules of any business – reward must outweigh costs – and should be confronted on those terms.Read More
This is the second blog post in a series of excerpts from the ebook (download here) “Know Your Cyber Security ROI: Making the Business Case for Cyber Security.” The first post introduced the concept of cybersecurity implicit ROI and the factors that determine the expected value of your cybersecurity operations. It also outlined the three attack phases and the correlation between attack phase and organizational cost.
This post examines the first attack phase and the costs associated with precautionary measures during this phase:
Organizations employ many precautions and actions in the attempt to block cyber attacks. Such measures can require significant time and resources to implement as well as maintain. This class of tools includes endpoint security solutions such as anti-virus, protection and detection systems as well as gateway solutions.
Every enterprise includes software patching as part of its security system to some extent. Because of its widespread use and marked impact on business processes, we will examine patching as an example of direct and indirect costs to your organization.Read More
Executives often view cybersecurity as an expense, a necessary one perhaps, but still a burden on company finances, focus and time. Instead it should be approached as an investment – an investment in protecting an organization’s systems, resources, customers and reputation. And, like any investment, cybersecurity should be able to prove its value by delivering a solid ROI. But how do you calculate cybersecurity ROI? After all, security doesn’t create earnings.Read More
Last week’s Gartner Security & Risk Management Summit crammed several months’ worth of information, analyses, workshops and networking into 3 ½ short days. As expected, everything related to cyber security was particularly hot. Though many messages were familiar, a shift could be detected, a recognition that the landscape is transforming and innovation is called for.Read More
Subscribe to our blog
Stay in the loop with industry insight, cyber security trends, and cyber attack information and company updates.