The best outcome from a well-executed cyber security strategy should be that a business experiences no change or disruption to their operations or systems in the case of an external threat
However, while this is undoubtedly a positive outcome, being a silent unsung hero can become a major obstacle when it comes to proving ROI. With a lack of visible results to share, you may find yourself answering questions from business leaders about the true value of cyber security.
While avoidance of damage from cyber attacks should arguably be seen as justification for cyber security investment alone, if the outcome is invisible, the risk is that this investment comes under the spotlight and its validity called into question.
So, with cyber security investment spanning technology, people and processes, how best can you demonstrate the tangible ROI of your cyber security investment?
Define your strategy
First and foremost, ensure you have a defined and layered security strategy to provide you with the best possible protection from reputational or financial as a result of either a cyber-attack or breach. Numerous examples of previous years have laid bare the consequences of failing to keep customers’ personal data secure from cyber threats, such as the £18.4m fine levied at Marriott International in 2020.
Demonstrate competitive advantage
To truly demonstrate the value of your cyber security investment, make sure you emphasise the impact having effective security protocols has across the business. For many companies, cyber security is a prerequisite for business engagements, particularly for larger organisations or those that work with government. By having good security credentials and robust processes, businesses can open up markets and revenue streams that were previously impossible to attain, proving the long-term ROI of a cyber investment.
Maximise your technology investment
Maximising your cyber security investment is crucial to demonstrating ROI. There are tangible ways you can achieve this by driving greater efficiencies – and one area ripe for improvement is reducing the time it takes to cut through the noise created by outdated technologies, particularly when it comes to monitoring and response.
Old-fashioned technology stacks will typically produce multiple alerts, meaning you need to review and apply your own expertise before devising a response. However, developments in artificial intelligence now enable patterns and behaviours across technologies to be identified in real-time, reducing noise to a few actionable alerts.
Newer Managed Detection and Response (MDR) solutions offer great benefits in terms of driving efficiencies and demonstrating ROI. By combining artificial intelligence, automation and human analysis to detect and act on cyber threats, they can reduce cyber risk and the dwell time of breaches enabling your team to focus efforts in other areas.
The best forms of MDR utilise Extended Detection and Response (XDR) technologies which allow detection and response across endpoint, network, web and email, cloud and importantly identity. This means you can protect all users, assets, and data, regardless of where the attack comes from. Similarly, by opting for a solution that leverages existing investments in Microsoft 365 licensing, you can consolidate your security suppliers and reduce your overall security technology budget, whilst increasing security coverage and visibility. Having separate solutions incurs significant costs and by consolidating with the right MDR solution you could easily recognise up to £100k a year in costs savings.
Finally, consider adopting an MDR solution that is available as hybrid security operations centre. This gives you the flexibility to tailor it to your needs, while also helping to build the right skills in-house within the partnership, again enabling consolidation of security suppliers.
Gaining confidence from the board
Cyber-attack methods and motives will continue to evolve and you need to make informed decisions about potential risks and mitigate them via the correct security processes, technology and controls. While proving ROI has potentially been difficult for security teams historically, by putting in place the right strategy, clear communication channels and leveraging the right technologies such as MDR this can be easily overcome.
Solutions such as these help drive digital transformation across the business, enabling your organisation to adapt to the growing digital economy and face evolving threats with greater confidence. And it’s this business case that you can put forward to win support from senior management and the board.
About the Autho
Martin Riley joined Bridewell in 2021 as Director of Managed Security Services. A Board Director, he is responsible for leading the continued growth and scaling of Bridewell’s Managed Security Service portfolio, including the Security Operations Centre (SOC) and Managed Detection and Response (MDR) service. Bridewell Consulting is an NCSC Certified Cyber Security Consultancy providing high quality cyber security services.
Featured image: ©RD Vector