Calculating Security ROI, or "Halloween’s Over, So Why is my Vendor Trying to Scare Me?" - Exabeam

Calculating Security ROI, or “Halloween’s Over, So Why is my Vendor Trying to Scare Me?”

Published
November 30, 2016

Author
admin

Certain technology categories lend themselves well to ROI analysis. Want to replace your old storage array with a new flash array, or your old backup technology with something new? It’s probably not too difficult to work out the payback numbers. Security, on the other hand, has been more resistant to clear ROI analysis. Vendors either give out scary per-company breach averages from Ponemon, or build some other detection-based cost-benefit number. Over time, CISOs and their brethren in Procurement have learned to discount these numbers.

UEBA is interesting because, while most buyers look at it from a breach detection lens, there is also a significant and clear operations angle to behavioral analytics for security. In practice, we’ve found that operations, in the form of incident response, is not something that many security engineering professionals have experienced. Where security engineering professionals focus on detection, algorithms, and architecture, incident response pros spend their time managing alerts, incidents, and investigations. It’s here that operational efficiency comes into play, and here that ROI can be more easily calculated.

For example, security operations centers handle some number of alerts per month, usually in the thousands. Some percentage get handled, the rest are ignored. Some of the ignored alerts had meaning and should have received attention. Each handled alert takes some amount of time, on average. Some number of alerts spawn incidents and each incident takes some other amount of time, on average. There are more details, but in general, incident response operations are more easily modeled and quantified than trying to estimate ROI using security scare stories. Determining payback will help support your hiring and technology plans.

Recent Information Security Articles

Exabeam/KPMG Joint Special Session After Report

Read More

New CISO? 5 Things to Achieve In Your First 90 Days

Read More

Our Customers Have Spoken: Exabeam named a 2021 Gartner Peer Insights™ Customers’ Choice for SIEM

Read More

What Is XDR? Transforming Threat Detection and Response

Read More

Exabeam Cyberversity: A Resource for Cybersecurity Professionals

Read More



Recent Information Security Articles

7 Detection Tips for the Log4j2 Vulnerability

Read More

Exabeam/KPMG Joint Special Session After Report

Read More

New CISO? 5 Things to Achieve In Your First 90 Days

Read More

5 Security Questions to Consider this Holiday Season

Read More

Our Customers Have Spoken: Exabeam named a 2021 Gartner Peer Insights™ Customers’ Choice for SIEM

Read More