How Much Will It Take To Keep My Organization Safe?
A study by ZDNet reveals that 80% of organizations planned to increase their security spend in 2019 compared to their 2018 spend. This makes sense; considering the number of data breaches and the number of records exposed increased at an unprecedented rate from 2016 to 2018 as depicted in the graphic below.
Here are a few more related stats for those number-lovers out there:
- A separate study conducted by Statista showed the global number of web attacks blocked per day increased by 56.1 % between 2017 and 2018
- Gartner reports that the average annual security spend per employee has doubled, from $584 in 2012 to $1,178 in 2018. Another report says that spending is estimated to reach $6 trillion annually by 2021 which is double the $3 trillion spend from 2015.
While certainly reliable, Gartner is not the only market-provider with data-backed research. As outlined in an excellent article by the Boston Consulting Group, there is no real agreed upon consensus as to how an organization should determine its ideal cybersecurity spend.
It is encouraging to see executives invest more resources into adding cybersecurity tools and solutions; however, this change brings with it a new set of more challenging questions:
How much should my organization spend on cybersecurity? Which areas of my organization are most vulnerable thus requiring more attention? What is our organizational risk-appetite?
Start by completing an annual vulnerability scan and/or risk assessment to identify possible weak-points within your environment. Identifying vulnerabilities is only half the battle; you must also develop an actionable remediation plan to mitigate known vulnerabilities. Breaches are on the rise, with hackers constantly inventing new ways to penetrate security defenses. Will your company be 100% safe once you’ve completed a security assessment and implemented a remediation plan? The short answer is no, an organization can never truly eliminate all risk.
An auto-insurance policy provides a safety-net for car owners; by paying monthly insurance premiums, the policy owner receives peace of mind knowing his insurer will provide financial assistance in the event of an accident. For very similar reasons, numerous organizations are opting to purchase Cybersecurity Insurance Policies to further manage their risk. According to an Insurance Journal article, cybersecurity policy sales ballooned from $2.5 billion in 2015 to $4.3 billion in 2017. Sales are expected to reach the $7.5 billion mark by 2020.
Does your organization need to consider purchasing cybersecurity insurance? How much coverage is enough? What type of policy would suit my organization best? Does the policy require an annual assessment?
To answer these questions and a whole lot more, contact OCD Tech for a complimentary consultation of your organization’s IT environment and/or for a third-party security assessment.
