Study: No One Size Fits All in Cybersecurity

GLOBAL DEFENSE MARKET

Study: No One Size Fits All in Cybersecurity

8/1/2015
By Yasmin Tadjdeh

While companies across the nation are pumping more money into hardening their networks and preventing cyberattacks, many are not economically optimizing their investment, a recent study found.

There is no “one-size-fits-all” strategy in cybersecurity, found a recent RAND Corp. report, “The Economics of Defense,” which was commissioned by Juniper Networks.

“It isn’t just about buying the latest tool and solving your problem,” said Bob Dix, Juniper’s vice president of global government affairs and public policy. “There needs to be a holistic approach and it needs to be driven by an enterprise examination of risk management.”

Over the next decade, the cost of managing cyberattacks will increase by 38 percent. The bulk of that increase will be due to rising costs associated with security programs, the study found. But more investment will not necessarily equate to safer networks, Dix said.

“Many of the security tools that are available on the marketplace today may solve part of the problem for part of the time, but there is no real silver bullet,” he said.

“Some of the tools have a shelf life and we have to be cognizant of that.”

Small to medium-sized businesses have different needs than larger companies and should invest only in basic tools and policies.

“Because small to medium-sized businesses have a much smaller attack surface and are less likely to face a sophisticated attacker, overinvesting in high-cost security investments would add a disproportionate cost when compared to the likelihood of a breach and the potential losses they would experience as a result,” the report said.

Larger companies — such as top defense contractors — would be wise to invest in advanced systems and make use of automation, the study found. “The likelihood that they will be targeted by an advanced attack, experience a higher volume of daily attacks or face some type of intrusion is much greater. If significant investments are not made, then losses endured due to an incident would be huge,” the report said.

The study also found that increased investments in workforce training would yield significant cost savings. A “well-staffed and knowledgeable security team is equally if not more important than investing in new tools. The best tools are not going to be effective if not properly managed,” it said.

Topics: Cyber, Cybersecurity

Comments (0)

Name *

Email *

Comment *

Please enter the text displayed in the image.

Characters *

Legal Notice *

NDIA is not responsible for screening, policing, editing, or monitoring your or another user's postings and encourages all of its users to use reasonable discretion and caution in evaluating or reviewing any posting. Moreover, and except as provided below with respect to NDIA's right and ability to delete or remove a posting (or any part thereof), NDIA does not endorse, oppose, or edit any opinion or information provided by you or another user and does not make any representation with respect to, nor does it endorse the accuracy, completeness, timeliness, or reliability of any advice, opinion, statement, or other material displayed, uploaded, or distributed by you or any other user. Nevertheless, NDIA reserves the right to delete or take other action with respect to postings (or parts thereof) that NDIA believes in good faith violate this Legal Notice and/or are potentially harmful or unlawful. If you violate this Legal Notice, NDIA may, in its sole discretion, delete the unacceptable content from your posting, remove or delete the posting in its entirety, issue you a warning, and/or terminate your use of the NDIA site. Moreover, it is a policy of NDIA to take appropriate actions under the Digital Millennium Copyright Act and other applicable intellectual property laws. If you become aware of postings that violate these rules regarding acceptable behavior or content, you may contact NDIA at 703.522.1820.

I have read the legal notice.

Find an Article VIEW ALL ARTICLES