Self Assessment

CYFIRMA’s Cyber Awareness Series: Cost of security controls, implementation time, resource requirements, and review cadence

Published On : 2018-09-02
Share :
CYFIRMA’s Cyber Awareness Series: Cost of security controls, implementation time, resource requirements, and review cadence

AUTHOR

Kumar Ritesh, Chairman and CEO, CYFIRMA

 

Cybersecurity Economics: While difficult to calculate the ROI of security controls, the damage caused by its absence can be catastrophic. Organizations must:

– Balance the critical drivers for installing effective security controls in an organization: cost, time and resources required for implementation, maintenance and a regular review cycle.

– Target the controls at People, Processes, and Technology as the critical parameters determining the design and operational effectiveness of the security controls.

Here’s our view on:

・ Security control costs

・ Implementation time

・ Resource requirements

・ Review frequency of control logs and configurations

While there is no fit-for-all approach as customization will be required based on strategic goals, risk tolerance, budget, organization size, user and site spread, and business complexity-our suggested approach to implementing an effective security controls program is universal.