Page 31 - EngineerIT November 2022
P. 31

CYBER SECURITY


                        The economy of security




                                  By Wayne Olsen, Managing Executive Cybersecurity at BCX.





        “Why should the business bother with spending money on security and what value does it really deliver?”
         The author review the various elements in the cyber security equation but comes to the conclusion that
                                     the right cybersecurity investment saves money.





             loud, virtual machines, servers, hyperscalers, as-a-Service solutions, digital twins
             and digital transformation – every one of these is a solution designed to transform
       Cthe organisation with efficiencies and functionalities that redefine its performance
        on the local and global stage. Each one is a risk. The cybersecurity threat is a constant
        and pervasive presence that’s costing companies money, loss of reputation, and is
        growing increasingly complex to manage. Surveys and statistics show a landscape that’s
        growing increasingly aggressive and the cost to business is becoming ever greater.
           According to Statista, the average cost of a data breach in the US in 2022 has risen to
        $9.44 million compared with $9.05 million in 2021 – this is a significant surge from the
        $5.5 million only ten years ago in 2012. Following this trend further, the data indicates
        that a heavy financial toll has been borne across multiple organisations. The average cost
        of a data breach, globally, in healthcare over the past year equated to $10 million, in the
        financial industry this rose to $5.97 million, and pharma to $5.01 million. These numbers
        are reflected in the IBM 2022 Cost of a Data Breach Report that revealed how nervous
        companies are right now – 83% are waiting for the breach to happen, it’s not an if; it’s a   Wayne Olsen
        when.
           This smart and relentless cybersecurity threat comes with another price tag – security   implications. Add to this the obvious
        investment. The 2021 State of Ransomware Survey and Report revealed that 72% of   savings that come hand-in-endpoint with
        cybersecurity budgets have increased and 93% had to allocate special budgets to fighting   a robust security system – not having
        the threat. Companies are investing into security across networks, cloud, endpoints,   to pay the cost of a successful attack
        identity access and more, all in a bid to ensure that the business can continue to do just   – and the fact that security woven in
        that – business.                                                                with business strategy takes the
           Within this maelstrom it is easy to see why companies often perceive            dialogue away from ‘No, you
        cybersecurity as a grudge purchase. It’s the cost that has to be paid, or   While many   can’t do that’ towards
        else. It’s the threat of what will happen if the business isn’t compliant   aspects of security   ‘Here’s how security
        or secure or prepared. Instead of an investment into the foundations   cannot be quantified   can enable that’.
        of the company, it is an expense.                          precisely and their return      While many
                                                                   on investment (ROI) not      aspects of security
        Or is it?                                                 easily measured, the value    cannot be quantified
        Sure, the cost of security is unavoidable and the cost of a breach is   of security can be felt in   precisely and their
        untenable, but there are other aspects to security investment that go   business confidence.  return on investment
        beyond simply battening down the digital hatches. The business that                  (ROI) easily measured,
        bothers with investing into a Chief Information Security Officer (CISO),           the value of security can be
        a security team, a Security Operations Centre (SOC), a Network Operations       felt in business confidence - in
        Centre (NOC), and into agile security technology isn’t just investing into tools, it’s   its ability to embark on digital initiatives,
        investing into resilience, relevance and strategic growth.                unpack new solutions and services, and
           In spite of the costs outlined above, the right cybersecurity investment saves money.   minimise the risks while maximising
        A robust cybersecurity policy structured in alignment with business strategy will minimise   the opportunities. In this way, security
        the risk of attacks and of unexpected vulnerabilities, placing your business on a far more   is defined less by what it demands
        stable foundation. This has the knock-on value across compliance mandates such as   from the business and more by how it
        POPIA and reputational value, both of which have proven long-term positive financial   transforms what the business can do.  n


                                                 EngineerIT | November 2022 | 31
   26   27   28   29   30   31   32   33   34   35   36