<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=699785206826853&amp;ev=PageView&amp;noscript=1">

How to select the right Cybersecurity Tools based on Risk Assessment and ROI

Posted by John Winkler on Apr 7, 2017 9:10:58 AM

Senior Engineer

Find me on:

Great article on Forbes.  Understand your Risks and ROI first before selecting tools to improve cybersecurity:   


Executive Summary:

  • Evaluate Risk Mitigation vs Investment:  For example, an Intrusion Detection System (IDS) might cost $50k and help mitigate 2% of your risk.   A Cybersecurity Training program might cost $5k annually and mitigate 30% of your risk.   Each organization will calculate risk and ROI differently, find what fits yours.  
  • Do the basics right first!  Most people miss this step and employ overly complex solutions.   Employees, either through undereducation or malice are the biggest threat to an organization's cybersecurity.   Focus efforts on improving their awareness and skills 
  • A Firewall and Antivirus software are not enough in 2017.  You need a multi-pronged approach.
  • Don't try and buy a tool for every problem.  You will end up with 20 tools that no one in the organization can effectively manage.
  • Don't buy things that generate a lot of data/false alarms, you will need dedicated personnel to sift through the information which is expensive and time consuming.   

More Information available at Forbes Here

Topics: Cybersecurity ROI, Cybersecurity Education

John Winkler

Written by John Winkler

Senior Engineer