Return on Security Investment: Data Breach Example [Part 2]

In a previous blog post, we showed how Beckstrom’s Law could be applied to measuring a Return On Security Investment (ROSI). Here's a quick recap:

Value = Benefit Value – Security Investment – Residual Loss or V = B – SI – L

If your security initiative potentially saves the business $1 million and costs $75,000 per year in licensing and support, it’s a very positive ROI. Calculating the savings can be a time-intensive analysis, though. What about the probability of breach? Isn’t there some way to estimate potential losses should a breach occur, in a way that would indicate what controls to put in place to mitigate?

With the Ponemon Institute's Report on Breach Costs, combined with Beckstrom's Law, there is. Ponemon releases this report annually, covering different countries and geographical regions. It is organized on a per-capita (per-record-lost) cost basis: how much does a single PCI, PHI or PII record add to the cost of a breach, and how does that vary by industry vertical?

Ponemon Institute Breach Cost By Vertical


The mean cost per capita for US companies in 2016 was $221. The probability of a breach that would carry a cost equivalent to a 10,000-record loss in the United States is 24% over the next 24 months – 26% globally.

In short, there’s a 1 in 4 chance that your company will have a breach cost of $2.21 million in the next two years.

Probability of data breach by country

The longer it takes to identify and contain a breach, the more it costs. Mean Time to Identify (MTTI) in the United States in 2016 was 191 days; Mean Time to Contain (MTTC) was another 58 days, driving breach costs up. Figures listed are in millions, showing how costs rise dramatically in cases of poor incident response.


Breach Cost Mean Time to Identify

Breach Cost Mean Time to Contain

But there’s more, and this to me is the exciting part: the Ponemon Breach Cost Report includes figures for how much a breach cost is reduced by undertaking certain security initiatives. Per the graphic below, these activities reduce per-capita breach costs by the deviation from the mean of $221 as shown. Combining this with Beckstrom’s Law is a wonderful way to illustrate ROI or ROSI.

Ponemon Breach Cost Security Investment Reduction


Let’s create an example based on probability using the mean per-capita cost, then:

  • 50,000 records stolen equals an $11 million breach cost
  • Having an Incident Response Team would lower that breach cost by $25.80 per capita, or $1.29 million
  • Presume a cost of $225,000 to fund the Incident Response Team, and that by having them you avoid the high-cost impacts of MTTI and MTTC – perhaps by discovery through Threat Hunting
  • V = B – SI – L
  • V = $1.29M – $225K – $11M
  • V = -$9,935,000 – a significant reduction from $11M in potential breach cost
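The worked example above, generalized into a small calculator. This is an added example, not code from the original post or from CIPHER: it takes the per-capita cost, breach probability and Incident Response Team figures quoted in the post and computes V = B – SI – L for any record count and control, adds a probability-weighted view, and finds the break-even record count at which a control pays for itself. The `Control` class, the function names and the decision to treat the $225,000 as the whole investment for the period are assumptions of this example; note that it uses the unrounded $221 per record, so the residual value comes out $50,000 lower than the post's figure, which rounds the loss to $11M first. Applying the 24% probability (quoted for a 10,000-record-equivalent breach) to a 50,000-record scenario is likewise an assumption, labelled in the code.

```python
from dataclasses import dataclass
from math import ceil

# Figures quoted in the post (Ponemon 2016, United States).
PER_CAPITA_COST = 221.00        # mean cost per lost record, USD
BREACH_PROBABILITY_24M = 0.24   # chance of a 10,000-record-equivalent breach within 24 months


@dataclass(frozen=True)
class Control:
    """A security initiative: its Ponemon per-record cost reduction and what it costs to run."""
    name: str
    per_capita_reduction: float  # USD saved per record when the control is in place
    investment: float            # USD spent on the control over the period considered (SI)


# The one control the post prices: an Incident Response Team.
INCIDENT_RESPONSE_TEAM = Control("Incident Response Team", 25.80, 225_000.0)


def breach_cost(records: int, per_capita: float = PER_CAPITA_COST) -> float:
    """Potential loss L: records lost times the mean cost per record."""
    return records * per_capita


def benefit(records: int, control: Control) -> float:
    """Benefit B: the per-record reduction applied to every record in scope."""
    return records * control.per_capita_reduction


def rosi(b: float, si: float, l: float) -> float:
    """Beckstrom's Law as the post applies it: V = B - SI - L."""
    return b - si - l


def evaluate(records: int, control: Control, per_capita: float = PER_CAPITA_COST) -> dict:
    """Run the post's worked example for any record count and control."""
    l = breach_cost(records, per_capita)
    b = benefit(records, control)
    return {
        "loss": l,
        "benefit": b,
        "investment": control.investment,
        "value": rosi(b, control.investment, l),
        # Does the control pay for itself if the breach happens? (B - SI, ignoring L)
        "net_of_control": b - control.investment,
    }


def expected(records: int, control: Control, probability: float = BREACH_PROBABILITY_24M) -> dict:
    """Probability-weighted view: L and B only materialise if a breach occurs,
    but SI is spent regardless. Assumption: the 24% figure is applied as-is
    to the chosen record count, not only to a 10,000-record breach."""
    r = evaluate(records, control)
    exp_loss = probability * r["loss"]
    exp_benefit = probability * r["benefit"]
    return {
        "expected_loss": exp_loss,
        "expected_benefit": exp_benefit,
        "expected_value": exp_benefit - control.investment - exp_loss,
    }


def break_even_records(control: Control, probability: float = 1.0) -> int:
    """Smallest record count at which the control's (expected) savings cover its cost.
    With probability=1.0 this is the 'a breach happens' case from the post."""
    return ceil(control.investment / (probability * control.per_capita_reduction))


if __name__ == "__main__":
    r = evaluate(50_000, INCIDENT_RESPONSE_TEAM)
    e = expected(50_000, INCIDENT_RESPONSE_TEAM)
    print(f"L = ${r['loss']:,.0f}  B = ${r['benefit']:,.0f}  V = ${r['value']:,.0f}")
    print(f"expected V over 24 months = ${e['expected_value']:,.0f}")
    print(f"IR team breaks even at {break_even_records(INCIDENT_RESPONSE_TEAM):,} records "
          f"(certain breach), {break_even_records(INCIDENT_RESPONSE_TEAM, BREACH_PROBABILITY_24M):,} "
          f"records (24% probability)")
```

The `net_of_control` and `break_even_records` values are the figures a budget conversation usually turns on: V is negative whenever L dwarfs B, so the useful comparison is whether B exceeds SI, and at how many records it starts to.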

Combining these security initiatives can greatly reduce the actual costs of the risks posed by security breaches. To maximize your ROSI, use Managed Security Services to handle your detection, alerting and even much of your incident response – contact CIPHER to find out how.


About CIPHER

Founded in 2000, CIPHER is a global cybersecurity company that delivers highly accredited Managed Security Services holding ISO 20000 and ISO 27001, SOC I and SOC II, PCI QSA and PCI ASV certifications. We have received many awards including Best MSSP from Frost & Sullivan for the past five years. These services are supported by the best in class security intelligence lab: CIPHER Intelligence. Our offices are located in North America, Europe, and Latin America with 24×7×365 Security Operations Centers and R&D laboratories, complemented by strategic partners around the globe.

Our clients consist of Fortune 500 companies, world-renowned enterprises, and government agencies with countless success stories. CIPHER provides organizations with proprietary technologies and specialized services to defend against advanced threats while managing risk and ensuring compliance through innovative solutions.
