How to Optimize Your Cybersecurity Spend

Effective cybersecurity depends on adequate funding. C-suite executives who treat cybersecurity as a cost centre and restrict funding shoot themselves in the foot. The backbreaking fines for data breaches and the loss of reputation make cybersecurity a top budget priority. But blindly throwing more money at cybersecurity does not improve it. 90% of CIOs admit their enterprises waste millions of dollars on ineffective security solutions. Spending wisely to maximize the ROI of the cybersecurity budget is a challenge. This technology blog lists four ways to allocate the cybersecurity dollar effectively.

1. Protect the Infrastructure

Cybersecurity is becoming more complex with every passing day. But the edifice of a good cybersecurity approach depends on getting the basics right. Make sure the first allocation of the cybersecurity budget goes to the basics, to secure the infrastructure.

  • Deploy anti-malware and antivirus suites to protect endpoint devices and operating systems. A centralised endpoint management platform improves visibility and simplifies network operations.
  • Set up firewalls to protect the network from attacks.
  • Update software. Outdated software contains vulnerabilities and increases the risk to the network. Promptly apply the patches released by developers to fix bugs and vulnerabilities.
  • Conduct periodic network audits to identify vulnerabilities. Deploy penetration testing software and packet crafters to test the integrity of the deployments.

Remote work renders many of the traditional perimeter protection deployments obsolete. The enterprises of today cannot afford to ignore:

  • Access and authentication technologies. Develop policies and deploy tools to restrict access.
  • Network monitoring solutions such as web scanners, packet sniffers, and intrusion detection systems. Deploy these tools to detect advanced persistent threats, polymorphic malware and other stealthy exploits. Without these tools, many threats go undetected for months on end.
  • Encryption technologies such as WPA2, to prevent interception of sensitive traffic. Deploy encryption at the endpoints, emails and disks, to prevent data exfiltration.
  • Email gateways, to block phishing and social engineering attempts. Route all email traffic through such gateways to identify spam and emails with poisonous links. Google offers highly effective spam and malware filters.

2. Protect the Data

The safety and integrity of commercially sensitive data rest on network users. Enterprise users are the weakest links in the cybersecurity chain. No security software or hardware protects the data if an authorised user makes a mistake.

Invest in:

  • Data backup and replication to protect against data loss, ransomware attacks, and other threats to data.
  • A robust data protection plan. Include policies for data sharing, consent tracking, data portability, breach notification, and more.
  • Standard Operating Procedures for employees, ingrained into the employee induction program.
  • Spreading awareness. The only effective protection against social engineering tactics such as phishing is awareness.
  • Collaterals such as posters, contests, and tip-of-the-day emails to reinforce awareness.
  • Periodic refresher courses in safe browsing and other aspects of network security.
  • Mobile security policies. The nature of threats to mobile devices and the protection required differ greatly from conventional approaches to network security. Develop policies for BYOD and for connecting to public networks. Install a remote wipe option to protect data in case of smartphone theft.

3. Invest in Skills

Technology alone is not enough to keep cyber attackers at bay. Enterprises need resourceful and skilled heads to establish policies and configure the deployments.

Two out of every three enterprises report a shortage of skilled or experienced security personnel. Companies would do well to allocate a significant chunk of their security budget to:

  • Headhunt talent. SMBs could rope in freelance security experts or qualified managed services providers if dedicated talent is expensive.
  • Launch training programs to develop in-house talent in cybersecurity.
  • Educate supervisors and managers on how to remain resilient in the face of cyber-risks. Develop detailed incident response plans and disaster recovery plans. Monitor and revise such plans for gaps or weaknesses regularly. Use testing and review as additional training opportunities.

4. Invest in Analytics and Artificial Intelligence

Today’s cyber threats have become complex. Hackers deploy AI-based malware to crack passwords, detect vulnerabilities, and run botnets. The self-learning capabilities of AI-based tools supercharge traditional cyberattacks. For instance, AI-powered malware deep-scans the network and pries open new doorways for hackers to access networks. 

Emotet, a phishing Trojan, leverages AI to move away from the generic email text such as “Please see attached…” sent by phishers. The malware uses natural language to tailor messages to individuals.

Advanced AI-based analytics tools cost a sizable sum. But the investment is worth it to detect intrusions and misuse. These tools identify threats in seconds and trigger prompt automated responses.

Forward-looking CIOs need to convince the C-suite to increase their security budget, to invest in:

  • Automation solutions. Today’s complex network co-opts an ever-increasing number of devices and handles massive amounts of data. Managing and securing everything manually is no longer within the bounds of human capabilities. Automated systems help network admins remain in control. Automation eliminates error-prone manual practices and shuts the door to malware seeking to capitalise on the vulnerabilities caused by such errors.
  • Threat intelligence tools, to analyse raw data and logs and to deliver actionable intelligence. Machine-learning classification of data detects zero-day threats in near real time.
    • Security Incident and Event Management (SIEM) tools offer deep contextual insights into potential threats.
    • Behaviour Anomaly Detection (BAD) tools detect abnormal traffic, enabling prompt countermeasures.
    • Security analytics, intelligence, response, and orchestration software (AIRO) suites offer end-to-end protection, by analysing network traffic and taking prompt countermeasures.
  • Actionable threat forensics to allow administrators to isolate infections.

Gartner estimates the optimal spend on network security at between 4% and 7% of the total IT budget. But unless enterprises spend their security budget wisely, they will end up throwing good money after bad. Effective network security depends on a good plan, customised to the specific nature of the threat faced by the enterprise. The best CIOs identify the strengths and weaknesses of the network and pinpoint areas for improvement. They focus on the assets worth defending and seek out the most effective way to do so.
