The results of the Hiscox Cyber Readiness Report are in, and it appears that seven of 10 organizations currently fail the cybersecurity readiness test.

That's not all: 69 percent of respondents currently see cyberthreats as the top risk to their organizations. Meanwhile, large businesses lose, on average, $1.05 million every year to cybercrime, while midsize businesses lose $578,762 in the same period, and small businesses lose $34,604.

So what does it all mean? For one thing, not nearly enough organizations are prepared to handle the onslaught of cybercrime, and the result is direct monetary harm – not including reputational damages, of course.

Secondly, organizations of all sizes need to be very careful about where they spend their next dollar on cybersecurity. It's promising that, according to the report, nearly 60 percent of respondents intend to increase security spending by 5 percent or more in the year ahead. Nevertheless, throwing money into "the latest and greatest" solutions or managed services won't necessarily yield the desired results.

Cybersecurity is a business problem, and like most business problems, the solution that organizations invest in should be deliberately chosen for its demonstrable ability to generate ROI over time.

More of the wrong technology is a recipe for disaster

The first thing any CISO should look at when considering security investments is the operational requirements tied to a given resource. In other words, how much additional time and effort will be required before you actually see value?

When it comes to cybersecurity, the rule of thumb has historically been that more tools means more time spent managing those tools.

For example, deploying a security information and event management (SIEM) system is obviously nonsensical if you lack the in-house security expertise needed to properly configure, tune, and manage it. Simple enough, right?

Consider what happens, though, as you integrate more solutions into your existing SIEM. The volume of log data continually increases, and it eventually risks reaching a point where there's just too much data, too many alerts and not enough security analysts to deal with them.

In fact, the infamous Target breach of 2013, which compromised 70 million customers' private data, only happened because the retailer missed internal alerts. Its $1 million anti-malware system worked, but the alert wasn't given the attention it needed.

And as anyone who's paid even an iota of attention to hiring trends already knows, the problem isn't as simple as just hiring a few more security analysts. These professionals are in low supply and high demand, and the annual asking price for their full-time service is high and getting higher.

So like we were saying: Be careful what you pay for. You need technology that will give you more value – one that, rather than demanding more of your existing security resources, helps you maximize their efficacy.

The right less, on the other hand, is a fast-track to ROI

First, we recommend investing in your people, and not just for the purposes of retaining your security analysts. So many attacks only occur because users are manipulated by phishing scams into taking certain actions that give hackers a way in. Taking time, perhaps just 30 minutes once or twice a month, to impart best security practices to employees can go an incalculably long way toward improving security posture, and at almost no cost.

Next, you'll need to look at your next security investment from your analysts' point of view. They're already inundated with alerts, and that alone increases the risk of false negatives (aka misses) that can harm your organization. So how, then, do you make sure that the only alerts that reach your security analysts are the alerts that are worth their time and expertise?

That brings us to our second key recommendation: Deploy a security automation platform that deeply contextualizes log data to filter out false alarms, and self-improves based on human security analyst feedback. Not only does this make better use of your most valuable existing resource (human expertise), but it also gives you a security investment that appreciates in value.

The longer your security automation platform is in use, the better it gets at weeding out false alarms. The better it gets at weeding out false positives, the better it gets at bringing potential false negatives to the attention of your analysts. Over time, this results in self-sustaining, long-term ROI on your security spend – and holistically enhanced security posture, to boot.
