XDR: Contextualizing the Value of Cybersecurity

Investments in cybersecurity are tied to business outcomes, and Extended Detection and Response is a way for businesses to gain flexibility, reduce data breach costs, and contextualize security value.

abstract internet network cyber security concept picture id1072278762

Extended Detection and Response, or XDR, is a hot topic in the cybersecurity world. Enterprises are adopting it for its ability to mitigate security-alert fatigue, modernize security efforts, and adapt to the evolving threat landscape. Here, we’ll look at how XDR can maximize the efficiency of existing cybersecurity products while reducing TCO. XDR can also help transform the perception of cybersecurity on the whole.

Asset vs. liability: Cybersecurity perceptions

According to researchers, in 2021 the cost of a data breach ranged from $1.93 million for the public sector to $9.23 million for healthcare. In the Asia-Pacific region alone, a joint study by Frost & Sullivan found that the mean economic loss from an attack on a large healthcare organization was an astonishing $23.3 million in 2017, which likely would be even larger today. Besides direct economic losses due to business and sales disruptions, cyberattacks can lead to loss of reputation, penalties, and other indirect costs. Despite the potential expenses and disruption of cyberattacks, for years cybersecurity has been viewed as merely a cost center and means to meet regulatory compliance.

In a recent Frost & Sullivan survey, nearly 40% of respondents cited a lack of awareness of the implications of data breaches as a chief impediment to improving security posture. Nearly as many, 36%, noted difficulty in communicating the importance of cybersecurity at the board level. It’s no surprise that almost a quarter of the participants reported reduced security budgets in the last year.

picture1 Hillstone Networks

Figure 1: The most common component in security roadmaps is restructuring management security perception. Source: Frost & Sullivan.

Essentially, organizations are reluctant to invest in cybersecurity because it’s viewed as an expense rather than part of risk management. This viewpoint is more prevalent in smaller organizations, since they devote larger proportions of budget to more essential systems. Dynamic changes to the business environment, such as the remote working phenomenon, also add to the reluctance to commit to capital-intensive security projects.

picture2 Hillstone Networks

Figure 2: The risk of data breaches has increased significantly over the past year. Source: IBM.

Nonetheless, soaring cybercrime and increasing regulations have caused organizations to rethink cybersecurity. A joint report from IBM showed that organizations that have undergone digital transformation have seen an average $750,000 reduction in data breach costs. Organizations with mature zero trust strategies saw average reductions of $1.8 million, indicating that the cost of breaches correlates with organizations’ digital maturity and cyber-maturity.

XDR can flexibly support enterprise cybersecurity

Cyber maturity and investments are directly tied to business outcomes, and XDR is one way in which businesses can enable flexibility, drive down data breach costs, and contextualize cybersecurity’s value.

With a subscription-based approach and minimal hardware requirements, the initial investment in XDR is typically much lower than traditional on-premises point security solutions. XDR can even help medium to small businesses because the cost is distributed over time rather than up-front. XDR’s ability to derive insights from across the threat environment also allows it to provide business context to cybersecurity, aiding in management’s perception of security.

For example, management can compare the areas most targeted by cyberattacks with relative security investments to create a priority list for future cybersecurity expenditures. This data can also be used to assess cybersecurity risk to the bottom line.

XDR can maximize existing cybersecurity investment

XDR helps protect existing security investments in two ways: Mitigating the costs of siloed, disparate security solutions, and extending the value of security solutions at risk of obsolescence. The multivendor environment common in many organizations brings both noticeable and hidden costs. For example, silos created from security solutions that can’t communicate with each other automatically incur costs and time for manual integrations and causes employee burnout. XDR can break down silos by serving as a hub connecting all deployed solutions, normalizing data and mitigating integration costs.

XDR can also help revitalize older security solutions through its ability to tap into deeper metadata and perform cross-layer detection and response. Each deployed security solution thus feeds contextual information into XDR — raising overall security posture. XDR could even open up new use cases, even for older solutions.

How to get XDR to work for you

As a relatively new technology, it’s important to maximize the value of XDR by working closely with your vendor during evaluation and implementation. These vendors are usually highly experienced in cybersecurity that have established expertise in adjacent security fields like next-generation firewalls (NGFWs).

To learn more about XDR, view our white paper.






Copyright © 2022 IDG Communications, Inc.