Forbes recently reported that Gartner predicts IT security spending will grow to a whopping $70 billion by 2020.
This prediction is supported by a Search Security survey of 2016 Information Security Spending showing that 71% of respondents report increased spending, and financial giants including JPMC and Bank of America have recently stated they have unlimited security budgets. However, the IT spending outlook isn’t so generous for everyone: 26% of those surveyed say their organization is flat on spending and 3% report decreased spending.
The truth is most organizations don’t have unlimited security budgets, and even those with growing budgets need to justify IT security spend. The Forbes article also cites numbers from Juniper Research predicting that “the rapid digitization of consumers’ lives and enterprise records will increase the cost of data breaches to $2.1 trillion globally by 2019, increasing to almost four times the estimated cost of breaches in 2015.”
There’s a strong correlation between increasingly successful cyber attacks and increased IT security spending as the threat of mounting data breach costs looms. To help close the cybersecurity gap, new technologies are being developed to combat cyber threats.
Take, for example, Infocyte HUNT, which approaches malware and persistent threats from a completely new perspective – by presuming your endpoints are already compromised. Infocyte’s unique, agentless cyber threat hunting platform is designed to rapidly assess network endpoints for evidence of compromise – without the burden of complicated equipment or endpoint software installations. It enables IT teams to proactively discover the presence of attackers, active or dormant, who have successfully evaded their organization’s defenses and established a beachhead within the network. This innovative approach to threat hunting is helping modernize the way enterprises protect their networks and data.
6 Tips on Finding Budget for New Cybersecurity Tools
Unfortunately, organizations looking to manage ever-growing breach threats with new technologies like Infocyte HUNT are often faced with the dilemma of where to find the funds. Whether you are among the 29% of organizations that have flat or decreased spending, or you have a budget but are competing with other IT security needs, here are six tips on finding the budget for new technology to combat cyber threats.
- Pause investments in more defensive technologies – Most enterprises spend 40-60% of the IT Security budget on defensive technologies (which averages 5-7% of the overall IT budget). Spending on post-compromise detection in most enterprises is 0%. Adding the capability to detect hidden malware and persistent threats to complement these existing investments should take priority over adding further defensive technology that cannot identify malware that has already breached defenses.
- Look for functional capability overlaps – Some defensive technologies that were procured long ago have been updated to the point that there is very significant or complete functional capability overlap with other security products. In these cases, renewals for the redundant technology can be redirected to adding a threat hunting capability that allows the enterprise to manage the breach detection gap.
- Shelve your Shelfware – We often find that enterprises have invested in technologies with the intent to deploy, but the solutions were never used, or were deployed and provided no value. Often, renewals for “shelfware” are maintained. Software that has been procured and not deployed provides no value and is a questionable expenditure that can be shelved, freeing up the budget. Renewals can be canceled, and enterprises can often speak with their resellers to find a solution or secure at least partial credit back to apply to other purchases.
- Bring Compromise Assessments in-house – Compromise Assessments are required by many enterprises and are most often performed by a third-party services company. These assessments are typically one-time engagements given cost and time constraints, but they need to be performed on a more frequent basis to ensure no new threats have bypassed perimeter defenses. With Infocyte HUNT these assessments can be performed using in-house junior resources as frequently as required, and external consultants need only be retained for highly specialized forensics skills that would be cost-prohibitive to develop and maintain internally.
- Share the budget with other teams – Incident Response is an expensive, unplanned, and often budgeted activity. The party or organizational unit that will bear these costs will find that technologies like Infocyte HUNT, which can manage the breach detection gap, significantly reduce the time, effort, and scope of incident responses, and may be interested in contributing budget to add this control.
- Make sure you’re investing in the right solution – Vulnerability Assessments seek to find known issues that malware can exploit – however, they do nothing to find unknown malware and threats that are already on the network. Doesn’t it just make more sense to accept that, in today’s cybersecurity landscape, malware will breach perimeter defenses, and to add a capability to discover it before it can do harm?
As part of their risk management strategy, companies need to modernize their approach to security and accept that a breach is bound to happen, and then invest in tools to proactively look for compromises. Reducing an attacker’s dwell time is the key to limiting damage to systems, data, and ultimately your bottom line.