Spending Your Budget on the Right Security Tools

Spending Your Budget on the Right Security Tools

Spending Your Budget on the Right Security ToolsSpending Your Budget on the Right Security Tools

The cost of cyber-crime increases, yet firms still misdirect their priorities by spending on ineffective security tools instead of investing in new technologies.

Successful Breaches Per CompanySuccessful Breaches Per Company

Successful breaches per company have risen 27% annually, from an average of 102 to 130. Ransomware attacks alone have doubled from 13% to 27%.

Information Loss Was LargestInformation Loss Was Largest

Information loss represented the largest cost component, rising from 35% in 2015 to 43% in 2017.

Spending Too Much On Wrong TechSpending Too Much On Wrong Tech

Of nine security technologies, five had a negative value gap: The percentage spending level was higher than the relative value to the business.
Advanced perimeter controls: -4,
Extensive use of data loss prevention: -4,
Deployment of governance, risk, compliance: -3,
Extensive deployment of encryption: -2,
Automated policy management: -1

Technologies That HelpTechnologies That Help

Three technologies had positive rank ordering by spending levels and cost savings.
Security intelligence systems: +6,
Use of cyber-analytics and user behavior analytics: +5,
Automation, orchestration and machine learning: +3,
Advanced identity and access governance: =

Widely Deployed Security TechWidely Deployed Security Tech

The two most widely deployed security technologies are security intelligence systems (67%) and advanced identity and access governance (63%). They deliver cost savings of $2.8 million and $2.4 million, respectively.

No Fast TracksNo Fast Tracks

Spending on governance, risk and compliance technologies and automated policy management is not a fast track to increased security. They showed the lowest effectiveness in reducing cyber-crime costs (9% and 7%, respectively) out of nine security technologies.

Focus on Tech InnovationsFocus on Tech Innovations

Innovative technologies are generating the highest ROIs, yet investment in them is low. Cyber-analytics and user behavior analytics, as well as automation orchestration and machine learning ranked lowest for deployment (32% and 28%, respectively), but they provide the third and fourth highest cost savings.


Build cyber-security on a strong foundation. Invest in security intelligence and advanced access management, and recognize the need to innovate.


Perform extreme pressure testing. Don’t rely on compliance alone to enhance your security profile. Use extreme pressure testing to identify even the most highly motivated attacker.


Invest in innovation. Balance investments in analytics and artificial intelligence to enhance program effectiveness and scale value.

Karen A. Frenkel
Karen A. Frenkel
Karen A. Frenkel is a contributor to CIO Insight. She covers cybersecurity topics such as digital transformation, vulnerabilities, phishing, malware, and information governance.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.

Latest Articles