CyVent
Recent Posts
Calculating ROI for Your Cybersecurity Project: How to Choose the Right Security Tools
CISOs and Board members face a balancing act as they look to build out strong security programs. What tools are truly worth the investment versus the costs of a damaging cyber attack? Though well-known, the potential repercussions of a data breach are still alarming. By some estimates, cybercrime damages will reach $10 trillion by 2025, up from $4 trillion in 2021.
For both CISOs and Board members, a thorough cybersecurity strategy is a critical way to address business risk and promote business health and longevity. The risks at stake, in addition to regulatory scrutiny as well as compliance concerns - think GDPR - are motivating Boards to take a closer look, and they're turning to CISOs for insight. The challenge for CISOs is selecting the best tools from a sea of offerings and then working with the Board and senior execs to deploy them within the organization.
By calculating cybersecurity ROI, CISOs can quantify the value of a new security project to Board members, demonstrate the financial impact of the security budget and how it aligns with the business's overall strategic goals, and foster faster decision-making.
Calculating ROI for Cybersecurity
At a basic level, one way of calculating a company's cybersecurity ROI involves taking the average cost of an incident and multiplying that number by how many incidents a business might experience in a given time frame. With an approximation of potential expenses, companies can then assess whether the price of the solution and the reduction in incidents it will bring is worth the investment.
Of course, many more factors come into play, which is why calculating cybersecurity ROI is notoriously challenging. The equation also has to represent issues at stake beyond dollars and cents, including potential loss of intellectual property, loss of reputation, and business disruption. There are numerous formulas for calculating cybersecurity ROI, and much research has been done on the subject. How to Measure Anything in Cybersecurity Risk by Douglas W. Hubbard and Richard Seiersen is a good example and a highly recommended resource for an in-depth exploration.
The bottom line is that breaches are expensive. Calculating cybersecurity ROI starts a conversation about whether investing money upfront to prevent a major disruption outweighs the small probability of a significant breach and its ensuing costs.
However, let me propose that many ROI calculators on the market may not be worth your executive time. Would you be intrigued or incredulous?
Identifying Cybersecurity Metrics
False Alerts
Let's reframe the perception of false alerts. Rather than dismissing them as mere nuisances, consider this: what if these false positives are draining your resources like slow, incremental financial leaks? According to the Ponemon Institute, false positives cost enterprises an average of over $1.3 million in lost revenue annually. If you are not tracking this, you are essentially ignoring a significant six-to-seven-figure problem.
Critical Alerts
Critical alerts for security breaches are often easy to prioritize but hard to cost-justify, often falling into the "priceless" category. However, are they truly priceless? According to IBM, identifying and containing a data breach takes an average of 277 days. What cost opportunities are being missed during this timeframe?
Cost Efficiencies: Moving from False to Critical Alerts
The cost-benefit analysis around alerts often remains rudimentary. Have you considered how much it costs to resolve false alerts, both in the money saved in terms of labor hours and opportunity cost? Conversely, how cost-effective are your incident response measures for critical alerts? Understanding this data is a fundamental aspect of any meaningful ROI conversation.
Where to Find ROI Calculator for Cybersecurity
Evaluating Metrics to calculate Cybersecurity ROI is important, but so is the calculator that doesn't generate generic numbers or require a degree in divination to interpret in any actionable way. However, there are calculators specifically designed for the C-suite, considering the uniqueness of your industry, security posture, and amount of critical/false alerts.
Look for the CyVent Cybersecurity ROI Calculator developed by CyVent's leadership team that incorporates False and Critical Alerts. A properly calibrated ROI calculator can offer you data points that are quantitative and highly qualitative in value, providing actionable insights for enterprise board-level strategy discussions.
Benefits of Calculating Cybersecurity ROI
Implementing a cybersecurity protocol and calculating its ROI has been proven to have substantial benefits.
According to a recent study conducted by security leaders IBM, it is projected that the average cost of cyberattacks will soar to an astonishing $4.45 by 2023, reflecting a significant 15% increase over the past three years.
Moreover, an alarming 51% of organizations are actively planning to fortify their security investments in response to breaches. These investments will encompass a range of measures, including comprehensive incident response (IR) planning and testing, robust employee training, and the implementation of advanced threat detection and response tools.
These figures underscore the importance of investing in cybersecurity measures and, with ROI calculations, comes a risk assessment and management, helping businesses understand the comprehensive value these security measures bring in preventing colossal damages.
Remember, Calculating ROI benefits are not standalone – they intertwine and amplify each other, creating a comprehensive, robust cybersecurity framework.
Understanding the Value of Cyber Tools
Organizations often find themselves inundated with many cyber tools and solutions in today's complex cybersecurity landscape. With vendors constantly pitching new offerings to address emerging threats, it becomes crucial for CISOs to evaluate and justify the value of these investments. Calculating cybersecurity ROI provides a systematic approach to determining the worth of a particular tool or solution in the context of an organization's unique security environment.
Evaluating and Prioritizing Security Solutions for Risk Management
With numerous options available, CISOs face the challenge of deciding which security solutions to invest in. By calculating ROI, CISOs can objectively compare different options and have the proper security control. A comprehensive ROI analysis considers factors such as the total cost of implementation, anticipated risk reduction, and the impact on operational efficiency. This evaluation process enables CISOs and security teams to prioritize security solutions based on their expected return on investment.
Achieving Peace of Mind and Problem Resolution
One of the key goals of calculating cybersecurity ROI is to provide CISOs with peace of mind and problem resolution. By understanding the potential value of a security solution, CISOs can make informed decisions about which problems it will solve and the level of peace of mind it will provide. Effective cybersecurity investments mitigate the risk of cyber threats or data breaches and contribute to operational stability, data protection, and regulatory compliance.
Communicating Cyber Risk to the Board
For CISOs, effective communication with the Board is crucial. Security Executives hold increasing responsibility for cybersecurity decisions, considering the regulatory, reputational, and business risks involved. Calculating cybersecurity spending enables CISOs to articulate the reality of cyber risk and provide the Board with the necessary information to make informed decisions. By presenting ROI figures, CISOs and Security analyst can highlight the financial risk and strategic implications of various cybersecurity investments, strengthening their ability to advocate for effective security measures with an appropriate, in-house security team and budget.
Aligning Cybersecurity with Overall Business Strategy
To gain board support and secure adequate resources, CISOs must align cybersecurity with the overall business strategy. Calculating ROI allows CISOs to demonstrate how the cybersecurity budget contributes to the organization's increased efficiency in protecting data, preventing cyberattacks, and complying with the latest regulations. By quantifying the potential return on investment, CISOs can showcase the value that effective cybersecurity measures bring regarding brand reputation, customer trust, and operational resilience. This alignment enhances the Board's understanding of cybersecurity as integral to the organization's strategic objectives.
Embracing Security Tools with Proven ROI
The Importance of a Layered Security Approach
Understanding the Attack Surface
You must be familiar with the concept of a layered security approach. However, it's crucial to consider that not all layers are equally effective. It's not just about having multiple layers; it's about having intelligent layers that actively learn from each other. Each layer must adapt and communicate in real-time to ensure effectiveness with the ever-expanding attack surface.
Recent Advancements in Cybersecurity Technology
As technology evolves, so do the threats. Enter AI-powered threat detection, behavioral analytics, and predictive modeling. These technologies are not mere buzzwords. They have demonstrated remarkable ROI by significantly reducing both breach instances and dwell time, the duration that threat actors have unauthorized access to your system.
The Power of Cybersecurity Artificial Intelligence
AI for Incident Reduction
Have you ever considered that AI could be your cybersecurity cost-saver? Predictive analytics and machine learning can significantly improve risk management and decrease the number of security incidents, too. Remember, every incident you prevent translates to saved dollars and, potentially, a protected reputation.
AI vs. AI: Staying Ahead of Attackers
This is not a scenario from science fiction; it is the reality of cybersecurity today. We are moving towards a world where it's AI against AI. If threat actors leverage AI to create more intelligent attacks, your AI-driven solutions must be even smarter, faster, and continuously adaptable.
The Efficiency of Automation
Streamlining Incident Management
Automation is not about replacing human expertise; it's about enhancing it. Incident management becomes effortless when mundane tasks are automated, allowing your IT teams to focus on complex issues that require human intuition.
Boosting Productivity in IT Teams
Imagine what your skilled IT teams can achieve when freed from routine tasks. Automation brings impressive ROI through cost avoidance, significantly reducing the time spent on incident responses and enabling your team to concentrate on strategy and innovation.
Reach out to our team
The cybersecurity landscape is genuinely complex. At CyVent, for example, our mission is to support CISOs as they select and sort through the different offerings on the market. Calculating cybersecurity ROI helps prepare for the coming environment where the fight will be AI vs. AI, and companies that do not have the appropriate AI talent and tools may be at a disadvantage.
We're just an email or a phone call away, eager to provoke your thoughts and arm you with the tools to preempt more and remediate less.
Ever been tempted to download the beta version of your favorite app, ready to test out all the cool new features before everyone else?
STOP!!
The FBI has some news that might make you think twice.
Cybercriminals have come up with a brand new trick to lure us into their lair. They’re hiding malicious code in fake beta versions of popular apps, turning unsuspecting people’s mobiles into their personal piggy banks.
Now, don't get us wrong, we love innovation as much as the next team of tech enthusiasts. But whilst beta versions have a certain allure, they haven't gone through the rigorous security checks that apps in the official app stores must pass.
Criminals send fake emails pretending to be the developers of popular apps, offering early access to new beta versions.
But of course, they’re fake, too. Once installed, they can do all sorts of bad things, including accessing data from your finance apps and even taking over your mobile.
If your staff downloads them onto company devices, could your business be compromised?
There’s a moral to our story. And it's a simple one: Patience is a virtue.
Hold off on downloading beta versions of apps. Wait until they're stable and officially released in app stores. Good things come to those who wait, and that includes secure apps.
If you have downloaded beta versions in the past, keep an eye out for red flags like faster battery drain, poor performance, persistent pop-up ads, and apps asking for unnecessary permissions.
In this digital age, we must be as smart and savvy as the technology we use. So, before you hit download, take a moment to think: is this app worth the risk?
Train your staff to think the same way. And if you do give them business mobiles, consider a Mobile Device Management solution to control what they can do with them.
If you're concerned about the security of your mobile devices and need expert guidance, Book a strategy call with CyVent today.
We'll help you safeguard your business information and provide tailored cybersecurity solutions for your unique needs.
You’ve checked your pockets, your bag, under pillows … and then it hits you. You left your work phone on the table at the coffee shop.
You panic.
It's not the device itself that’s got you worried, but all the sensitive business information stored on it. If that mobile ends up in the wrong hands, you’re facing a nightmare.
But that worry could be over. Microsoft and Samsung are joining forces to make your work mobiles safer. This month, they’re launching a groundbreaking solution to help protect anyone who uses a Samsung Galaxy device in the workplace.
How?
With something called on-device attestation. It lets companies see if mobile devices have been compromised, even at their deepest components. Think of it as a security guard for your cell phone.
Samsung brings its software and hardware innovations to the table, whilst Microsoft provides its endpoint management expertize.
And whilst other device attestation tools require a network connection and access to cloud services, this solution works reliably regardless of network connectivity or device ownership model.
This solution will be released alongside Microsoft Intune (previously known as Windows Intune), a unified endpoint management service for both corporate devices and BYOD (Bring Your Own Device). And it will be available to select Samsung Galaxy smartphones and tablets, especially those "Secured by Knox".
So, whether you're working from the office, a busy coffee shop, or a remote cabin in the woods, you can rest assured your device is safe.
In business, your mobile is more than just a communication device. It's a vault of sensitive (and valuable) information. And with Microsoft and Samsung on the case, that vault just got a lot safer.
If you're concerned about the security of your mobile devices and need expert guidance, Book a strategy call with CyVent today.
We'll help you safeguard your business information and provide tailored cybersecurity solutions for your unique needs.
You're no stranger to the endless threats lurking in your email inbox. But have you ever considered that an email that seems to be from Microsoft could end up being your worst nightmare?
Microsoft, the tech giant we all know and trust, has become the most imitated brand when it comes to phishing attacks. That's where cybercriminals send you an email that contains a malicious link or file. They're trying to steal your data.
And while Microsoft isn't to blame for this, you and your employees need to be on high alert for anything that seems suspicious.
During the second quarter of 2023, Microsoft soared to the top spot of brands imitated by criminals, accounting for a whopping 29% of brand phishing attempts.
This places it well ahead of Google in second place (at 19.5%) and Apple in third place (at 5.2%). Together, these three tech titans account for more than half of the observed brand imitator attacks.
But what does this mean for your business?
Despite an apparent surge in fake emails targeting millions of Windows and Microsoft 365 customers worldwide, careful observation can help protect you from identity theft and fraud attacks.
While the most imitated brands change from quarter to quarter, usually cyber criminals are less likely to change their tactics.
They use legitimate-looking logos, colors, and fonts. Phishing scams frequently use domains or URLs that are similar to the real deal. But a careful scan of these and the content of any messages will often expose typos and errors – the tell-tale signs of a phishing attack.
One of the latest attacks claims there has been unusual Microsoft account sign-in activity on your account, directing you to a malicious link. These links are designed to steal everything from login credentials to payment details.
And while tech firms continue to be popular scam subjects, many cybercriminals have turned to financial services like online banking, gift cards, and online shopping orders. Wells Fargo and Amazon both rounded up the top five during Q2 2023, accounting for 4.2% and 4% of brand phishing attempts, respectively.
What can you do to protect your business?
The answer is more straightforward than you might think. The best course of action when it comes to phishing is to slow down, observe, and analyze. Check for discrepancies in URLs, domains, and message text.Safeguarding your business against phishing threats is of paramount importance. To fortify your defenses and stay informed, we encourage you to explore our free recorded webinar on cyber insurance. This insightful resource provides valuable insights and strategies to protect your organization from cyber threats and meet insurance requirements.
Don't wait for the next phishing attempt - take proactive steps to enhance your cybersecurity posture.
Microsoft is planning to enable Multi-Factor Authentication (MFA) directly in its Outlook app for many 365 business users.
MFA is a vital tool to help protect your online accounts from cyber criminals. It works by generating a second, single-use passcode every time you log into an account. It’s usually sent to an authenticator app on your phone that you have to download and set up first.
Security codes can also be sent via SMS text message, by a phone call, or you might be given a special USB key to plug into your computer.
The process is often made quicker by using a biometric login like your fingerprint or face ID. It’s a minor chore, but the protection it offers far outweighs the couple of extra seconds it takes to access your account.
Microsoft isn’t so sure about those extra seconds, though. If the tech giant can save you that time, it’s going to do it. That’s why it’s looking to streamline MFA for Microsoft 365 business accounts.
It’s rolling out the improvement by building MFA directly into the Outlook app in a feature called Authenticator Lite. Until now, it’s relied on a separate authenticator app or sending login codes.
There’s no news yet for those of us who want faster authentication on our personal PCs. If Microsoft does announce plans to make this feature available to more hardware or operating systems, we’ll update you with any news.
If you don’t already use MFA for your apps and online accounts, we recommend that all businesses implement it as soon as possible. The additional security it offers protects against the vast majority of today’s cyber threats.
For more help and advice about implementing MFA or getting the best from Microsoft 365, just get in touch.
Published with permission from Your Tech Updates.
If we talk about ‘bots’ you’d be forgiven for thinking of the amazing AI chatbots that have been all over the news lately.
But this isn’t a good news story. Bots are just automated programs, and bot malware is a worrying new security risk you need to defend your business against.
Malware bots are particularly dangerous because they steal whole user profiles – that’s a complete snapshot of your ID and settings. This potentially allows cyber crooks to bypass strong security measures like Multi-Factor Authentication (MFA).
Usually, if a criminal steals your username and password, they still can’t access your account because they don’t have access to your MFA authentication method. But with your whole profile available to them, using your cookies and device configurations, they can trick security systems and effectively switch off MFA.
Once profile information is stolen, it’s sold on the dark web for as little as $5.
And it’s not even super-sophisticated cyber criminals deploying this technique. Just about anyone can obtain your details and use them for phishing emails, scams, and other criminal activity.
Since 2018, 5 million people have had 26.6 million usernames and passwords stolen, giving access to accounts including Microsoft, Google, and Facebook.
All this means there are things you need to do – right now – to keep your profiles and your business protected from bot malware.
- Update your antivirus software and keep it on at all times.
- Use a password manager and Multi-Factor Authentication to keep your login credentials safer
- And encrypt all your files so that, if anyone does access your profile, there’s very little to steal.
These are the things we help our clients with every day. If we can help you, just get in touch.
Published with permission from Your Tech Updates.
Our phones are a goldmine of private information. Just think of all the financial details, personal messages, banking apps, photos and contact information that live behind that little glass screen.
And if your team use phones for work, they’ll often have access straight into company systems – email, contact lists, network access, file systems. So if they’re not kept as secure as any other device in your workplace, they can become a gaping hole in your cyber security.
Criminals know this, of course, which is why they target us through our phones just as much as they do through our networks and servers.
But cyber crime isn’t the only concern. Just losing your phone, or having it stolen, can put your data at huge risk.
So, whether you issue company smartphones, or your employees use their own, you should make sure everyone implements some simple security steps to protect your data and avoid disaster.
- Start with making sure your people set up a PIN and a biometric login (like a fingerprint or face scan) to open the device.
- Only install apps from trusted sources to make sure you’re using genuine software.
- And enable Multi-Factor Authentication on all apps that store even a small amount of sensitive data.
- Be careful about where you connect to Wi-Fi. If you work remotely or often connect to public networks, consider using a VPN – a Virtual Private Network – to add another layer of security. You never know who’s monitoring traffic on a public network.
- Finally, ALWAYS make sure your phone is running the latest version of its operating software, and keep all apps up to date.
Smartphones have changed so much about the way we live – at home, and at work – but it’s too easy to take them for granted. And that could be a costly mistake.
If you need help to keep your smartphones safe, just get in touch.
Published with permission from Your Tech Updates.
The whole world is suddenly talking about Artificial Intelligence.
From Alexa in your kitchen, to Siri on your phone, AI is already all around us, but new names like ChatGPT, Dall-E, Jasper and more feel like they’ve blown up the internet.
These new concepts take things WAY further, helping us to write articles, search the web with natural conversation, generate images, create code, and introduce new ways to make our daily lives even easier.
But emerging technology nearly always launches in a blizzard of geek-speak before it settles into everyday life. Early PC users might remember the ‘DOS prompt’. And when did you ever have to ‘defrag’ your phone?
Experts believe that these new AI tools will become the building blocks of a whole new world of tech, redefining the way we interact with computers and machines.
So let’s help you decode some of the terms you’ll hear this year.
Chatbot
Starting with the basics, a chatbot is an app that mimics human-to-human contact. Just type or speak normally, and the chatbot will respond the same way. ChatGPT is a chatbot. If you haven’t tried it out yet, give it a go.
Deep learning
This is the technique that’s used to imitate the human brain, by learning from data. Current search tools and systems use pre-programmed algorithms to respond to requests. AI tools are trained on concepts and conversations in the real-world, and learn as they go to provide human-like responses.
Machine intelligence The umbrella term for machine learning, deep learning, and conventional algorithms. “Will machine intelligence surpass human ingenuity?”
Natural Language Understanding (NLU) helps machines understand the meaning of what we say, even if we make grammatical errors or speak with different regional accents.
Weak AI is the most common form of AI in use right now. Weak AI is non-sentient and typically focuses on a single or small range of activities – for instance writing, or repurposing video content. Strong AI, on the other hand has the goal of producing systems that are as intelligent and skilled as the human mind. Just not yet.
This is just the tip of the iceberg, but trust us – you’re going to be hearing a lot more about AI in the months and years to come.
If you’d like more help to understand how AI might form part of your business, just get in touch.
Published with permission from Your Tech Updates.
Have you ever tried to buy tickets for a huge event and found that the seller’s website has collapsed under the weight of thousands of people all trying to do the same thing at the same time?
The ticket site falls over – usually temporarily – because the server is overloaded with traffic it doesn’t have the capacity for.
Criminal Distributed Denial of Service attacks – DDoS, for short – exploit the same principle.
When a DDoS attack targets a business, it floods it with internet traffic in an attempt to overwhelm the system and force it to fail.
This results in the business and its customers being unable to access services. That may trigger a temporary failure, or it could be more serious. Last year, the average DDoS attack lasted 50 minutes.
That may not sound like a long time, but it’s enough to create angry customers, or to bring business to a grinding halt. And downtime can be costly.
The really bad news is that DDoS attacks are not only lasting longer, but they’re becoming bigger, more sophisticated and more common.
Recently, the biggest ever reported DDoS attack was reportedly blocked. At its peak, it sent 71 million requests per SECOND to its target’s servers. Prior to that, the biggest reported incident stood at 46 million requests per second.
Worse still, more businesses are reporting being targeted by DDoS attacks where criminals are demanding huge ransoms to stop the attack.
What does this mean for you?
It’s important you check all your security measures are up-to-date and working as they should be. Are your firewalls up to the task, with DDoS monitoring and prevention tools set up? And is your team fully aware of the importance of staying vigilant?
We can help make sure your business stays protected. Just get in touch.
Published with permission from Your Tech Updates
AI chatbots have taken the world by storm in recent months. We’ve been having fun asking ChatGPT questions, trying to find out how much of our jobs it can do, and even getting it to tell us jokes.
But while lots of people have been having fun, cyber criminals have been powering ahead and finding ways to use AI for more sinister purposes.
They’ve worked out that AI can make their phishing scams harder to detect – and that makes them more successful.
Our advice has always been to be cautious with emails. Read them carefully. Look out for spelling mistakes and grammatical errors. Make sure it’s the real deal before clicking any links.
And that’s still excellent advice.
But ironically, the phishing emails generated by a chatbot feel more human than ever before – which puts you and your people at greater risk of falling for a scam. So we all need to be even more careful.
Crooks are using AI to generate unique variations of the same phishing lure. They’re using it to eradicate spelling and grammar mistakes, and even to create entire email threads to make the scam more plausible.
Security tools to detect messages written by AI are in development, but they’re still a way off.
That means you need to be extra cautious when opening emails – especially ones you’re not expecting. Always check the address the message is sent from, and double-check with the sender (not by replying to the email!) if you have even the smallest doubt.
If you need further advice or team training about phishing scams, just get in touch.