Intelligent CISO Issue 55 - Page 41

EXPERT OPINION

How XDR reduces the total cost of security operations

Ransomware is becoming more prevalent and organisations are having to rethink their security strategies to stay protected . Hussam Sidani ,
Regional Vice President , Middle East and Turkey , Cybereason , explores the costs of combatting ransomware and how to mitigate it .
Hussam Sidani , Regional Vice President , Middle East and Turkey , Cybereason ansomware is on the

R rise , with an attack occurring every 11 seconds on average and causing one-in-three affected organisations to shell out anywhere from US $ 350,000 to US $ 1.4 million .

As ransomware gets both more accessible ( RaaS ) and increasingly sophisticated ( RansomOps ), security requirements have had to advance along with it .
To mitigate the risks , organisations have poured money into technology and into hiring the best talent . Unfortunately , this has left most organisations with tool sprawl , shelfware or an overly complex security stack and a total cost of ownership that just wasn ’ t budgeted for .
Security operations costs
According to the Cooper Fitch UAE Salary Guide 2022 , a SOC analyst can make approximately US $ 153K per year – that ’ s roughly US $ 12k per month .
Next , there ’ s the technology , which can vary widely depending on the solutions an organisation requires and does not account for whether or not your organisation is getting the most bang for the buck from the solutions investments . One CSO online study reports that 50 % of security leaders say they don ’ t use all of the features included in their security technologies , for example .
In addition , if you ’ re not careful , your organisation could end up with some tools that simply don ’ t integrate well with others in the stack , solutions that are subject to vendor lock-in and won ’ t scale with the security program and products that have duplicate features .
Then there ’ s the issue of effectively aggregating all the data from all those separate solutions in an efficient manner , so that is actionable . While useful , uncorrelated SIEM alerts simply don ’ t provide the ‘ big security picture ’ of what ’ s going on enterprise-wide , despite their promise to do so .
Inefficiency in the solutions stack is what leads to issues like tool sprawl , shelfware and a lack of trust from leadership when it comes to maintaining and growing the security budget for next year .
But , say you do get a shiny new tool that works for your organisation ; now you have to figure out the cost to deploy it , www . intelligentciso . com
41