Security technologies that provide the most savings

A new report from Accenture and the Ponemon Institute quantifies which cybersecurity technologies provide the most value to an organization.

1 security costs on the rise
NicoElNino / Getty Images

Security costs are on the increase

IDC estimates that worldwide Spending on Security Solutions will reach $103.1 Billion in 2019. Security budgets average around $9 million per year per enterprise, according to Kaspersky. While the average cost of a data breach according to IBM and Ponemon is $3.86 million.

While the numbers are getting bigger, security incidents are becoming more visible and cybersecurity is becoming more of a board-level issue, which means CSOs need to be able to justify their budgets and investments more closely than ever before. 

“Security professionals are in an impossible situation. They're either the prophets of doom or they're the scapegoat,” says Nick Taylor, managing director, strategy, Accenture UKI. “And you can run out money quite quickly investing in new technologies.”

Which technologies provide the best value and can help drive costs down? The Cost of Cybercrime Study from Accenture and Ponemon quantifies which technologies provide the most savings. Based on interviews with over 2,600 senior leaders from 355 companies, it highlights security technologies that can reduce costs after deducting the amount of money invested in the technology.

2 threat intelligence provides the most value
the-lightwriter / Getty Images

Threat intelligence provides the most value

Security intelligence and threat sharing, which is used by 67 percent of enterprises in the study, provides the most cost savings at $2.26 million on average, according the report. It is useful for both discovery and investigation activities and aids with understanding of threats so companies can better target resources against anticipated attacks.

As well as threat intelligence feeds and sharing networks, this technology includes dark web monitoring, which can look out not only for data that has already been leaked but people offering or asking for data related to your organization. “Security professionals are now realizing that it's a very difficult environment that they're living in and to cooperate and to partner is much more beneficial than to go it alone,” says Taylor.

3 automation and analytics cost savings
Getty Images

Automation and analytics offer high reward

Automation, artificial intelligence, machine learning and behavioral analytics were less widespread than intelligence-based technologies, but they also present high levels of value. Automation and machine learning were used by just a third of companies but could offer savings of over $2 million per enterprise.  

“There are low numbers of skills in the market so we're finding clients are using more automation more AI and machine learning, using more cyber analytics, and behavioral analytics as well,” says Taylor. “There's very little spending on it, but the cost savings are quite dramatic.”

On the analytics side, the number of companies deploying technologies such as user behavior analytics is low – again just a third of companies deploying it – but could provide savings of $1.72 million.

5 identity and access management
laremenko / Getty Images

Identity and access management – a basic that’s evolving

One older technology that is still driving plenty of value is identity and access management (IAM). Used by over 60 percent of organizations, it can help reduce costs by $1.83 per organization.

“There's tons to do in IAM, especially around some privileged access management,” says Taylor. “The amount of people coming through your organization; contractors, suppliers, employee turnover, means that you're having to be much more careful about who you provide access to make sure we don't have any toxic combinations.”

As organizations shift to the cloud and move away from basic passwords, technologies around identity and authentication become an increasingly important part of an organization’s security posture, both internally and with suppliers and partners.

4 basic security cost savings perimeter controls
matejmo / Getty Images

Basic security tech doesn't drive as much value, but can’t be ignored

Many older, more well-established security technologies – data loss prevention (DLP), perimeter controls and policy management – provided the least in cost savings; all offering less than $200,000 in savings compared to their costs. “Those ‘brilliant basics’ are things we've been doing for 20 years… the things that are the bread and butter of security – but they need to double down on them,” says Taylor.

However, just because these technologies aren’t generating large amounts of value or reducing costs, it doesn’t mean they are worthless or not worth having.

“Your perimeter is much, much more complex. It's much more difficult to secure, much more difficult to understand the dynamics and changes to it,” says Taylor. “Because of that complexity you're seeing the investment you're making delivering a lower return, because it's constantly changing and how do you protect something that's really on the move all the time.”

6 demonstate value metrics
MicroStockHub / Getty Images

How to demonstrate value of security technologies and investments

Taylor says that to better get the message across to the board of the value cybersecurity investments provide to the organization, CSOs need to focus providing the right metrics and putting them in the context of risk to the business. “Boards are expecting more data-driven investment decision-making ability,” he explains. “Understanding the benefit of every pound spent giving a risk mitigation of X. They want that because the emotional business cases of yesterday are wearing thin with them.”

“If I've got a supply chain, a manufacturing plant, an ecommerce platform, a customer management system, tell me who is attacking me in those parts of my value chain and how much it's going to cost me if they if they take away some of the data.”

7 understand assets and become data driven
Tinpixels / Getty Images

Understand your assets to become data-driven

Taylor says that most organizations have immature asset inventories, and should focus on understanding what data they have and what is most valuable and then focus on those technologies and the information coming out of those solutions. “Boards don’t want 100 operational technology metrics at board level. They want to see five that give them insights with trends over time and allow them to balance their investment priorities. It relates back to the business case: if we get breached, then this will happen and we might lose X amount of our business and so therefore you need to invest Y to cover that risk.”

Rather than providing raw numbers around phishing attempts, explain whether that trend is going up or down, whether they are successful or not (and whether that success rate is changing), whether they're becoming more detailed, targeted and advanced. “Make it fact-based, data-driven."

8 getting breached is bad for business
stevanovicigor / Getty Images

Getting breached is bad for business; good for security budgets

Unfortunately, one of the best ways to show the value of security is to suffer the consequences of underinvestment. “Breaches cause more investment. One of the companies that we're dealing with had a breach and now the CSO has access to four times the amount of investment that that they had previously,” says Taylor. That’s because the breach was public and had an impact on finances and share price.

“You're encouraging firefighting rather encouraging proactive management. Proactivity is actually more beneficial to the company than reactivity. But unfortunately, the reactivity generates the emotion, which generates funding,” says Taylor.

Boards are starting to understand that if it can happen to competitors, it can happen to them, and the damage a rival suffers can be used as an example of why investment is needed.

Copyright © 2019 IDG Communications, Inc.