In an article in Dark Reading, they discuss a recent study that shows the costs of cybercrime are reduced through intelligence, which included monitoring. The study by the Ponemon Institute was a survey tallying the cost of cybercrime. The study surveyed 56 companies and these companies lost on average, $8.9 million due to cyberattacks each year. Based on the survey, companies that detected attacks slowly incurred greater costs. In the 2012 survey, that is to say the companies needed 24 days, on average, to resolve a cyberattack, which in turn created a hefty bill of more than $590,000 per incident — 42 percent more than the previous year.
While many businesses see information technology and especially information security as a cost center, there has always been a hard sell when it comes to proving or showing that the security controls, including network and security monitoring, help in saving money. Most of this is because of the usual hefty price tag that occurs with the implementation and ongoing maintenance of these systems.
According to the article and study:
“Some organizations seem to experience a lower cost, but not a zero cost, if they do certain things,” says Larry Ponemon, chairman and founder of the survey firm. Security intelligence “is really important and helpful — not only in the detection of the cybercrime — but in the containment and ultimately remediation of the crime.”
Companies that had deployed security information and event management systems or intrusion detection systems had, on average, $1.7 million less in cybercrime costs, according to the Ponemon survey. Companies that had implemented access and identity management tools saved $1.6 million, and the deployment of tools to help with governance, regulation, and compliance trimmed $1.5 million.
It is easy to understand that technologies for monitoring and gaining intelligence on threats, “security intelligence” within the report, correlated the most with a reduction in cybercrime costs. As mentioned above, while the costs were not reduced to zero, the reduction provides a good basis for the implementation or continuation of these functions within business.