Thursday, 19 October 2017
Jonathan Martin, Anomali
Understanding Threat Intelligence ROI

Return on investment is a complicated factor to determine, as is your relative level of security. Damages from a single incident cost SMEs an average of $38K. Stay competitive by prioritising strategic security measures. Superior threat intelligence and breach detection will make you a less desirable target and give you peace of mind. Granted, not every stakeholder sees value in peace of mind, so to get full support, make the case for the ROI of a threat intelligence program.

Creating a solid cyber-security program requires an investment in software, its configuration, and staff to continually monitor and respond to the alerts. Even with an open source threat intelligence platform, there will be costs to justify. To determine ROI, one must weigh the overall investment of labour and capital against a figure that is harder to pin down: the cost of the events that were avoided.

Potential losses can only be estimated, but data and case studies from other successful breaches can inform an educated guess about the severity of damages. Take stock of all your exploitable resources, from workstation PCs up to your most guarded proprietary info, and brainstorm the ways they may be exploited, stolen, sabotaged, etc. Estimate the cost of fixing the damages and consider the long-term losses which could be sustained by losing a competitive advantage or losing the public’s trust in your brand.

To calculate ROI you must first calculate your annual loss expectancy (ALE): Loss Per Incident × Yearly Incidents = ALE. Try not to become overwhelmed as you assign a reasonable cash value to each of these costs:

  • Recreating deleted, sabotaged, or otherwise compromised assets
  • Investigating the breach
  • Increase in liability insurance premiums
  • Fines and other liabilities resulting from negligence
  • Making restitutions to those whose personal data was exposed
  • Lost production during down-time
  • Rising cost of fees extorted with ransomware
  • Labour and software expenses for scrubbing malware from each workstation
  • Public relations experts to perform crisis communication

Taking a long-term approach to your investment in threat intelligence will give you job security. Some threats, like malware attacks, have quantifiable damages, whereas other attacks cripple your operation on a bigger scale and are harder to calculate in the long run. What advantages would you lose if your competitor could benefit from your work without investing in its development? Think how tragic it would be if a preventable data breach were the turning point in your company’s downward trajectory. Other companies are taking heed; investment in IT security has increased 24% for business and government in 2015.

Before scoffing at the costs of a top-notch threat intelligence program, remember that this knowledge wasn’t even available in the past. People spied on competitors and helped themselves to useful data, but there weren’t as many solid clues to their targets and identities before the Internet. History’s greatest captains of industry would surely have leapt at an opportunity to learn who has been sniffing around for secrets. Take a page from their book and pull out all the stops with regard to protecting your network.

Being able to clearly see the ROI behind a product or service brings to the surface the need to have it in place. Now that you know there is ROI behind threat intelligence, learn how to build a threat intelligence program from scratch.

 

 

About Lara Lackie

Lara Lackie is a reporter for The IT Security Guru.