The value of Deception Technology is no longer a secret among cybersecurity professionals. Unfortunately, they are often not responsible for budget decisions, which means that the ability to financially justify the cost of a new security technology to the CFO and other decision-makers is important. What is the value to the business of Deception Technology? Will it save money in other ways? How reliable is this technology really?
Before deciding, security teams need to answer these questions.
Quantifying the value and cost savings associated with Deception Technology are not as difficult as they might first appear. In this blog, you will learn about the ROI and cost savings associated with Deception Technology.
Dwell Time Reduction
A survey conducted by Enterprise Management Associates found that respondents using Deception technology have reduced their average dwell time (the time an attacker spends undetected on the network) to a low of 5.5 days. Compared to industry averages, which range from 56 to over 200 days depending on the study, this represents a 90-97% reduction in dwell time. The time available to an attacker is directly related to the cost of an intrusion as well as the operational costs associated with remediation.
Insider Threat Detection
Deception Technology can be a particularly valuable tool for detecting insider threats. In a study by Enterprise Management Associates (EMA), deception was recognised as the most effective security control for detecting insider threats. What investigative teams’ value most about using Deception Technology for incident response is that accessing a decoy is always an unauthorised activity and it can be detected immediately. This can save hours, days or even weeks of time that would normally be spent confirming an attack pattern or confirming that the actions taken are indeed an incident.
Savings from Data Breaches
The cost of a data breach can be astronomical. IBM Cost of a Data Breach Report 2020 reports that the average cost of a data breach globally is $3.86 million, with the increase of home office workers adding an additional $137 thousand to the average cost of a data breach. The use of Deception Technology has resulted in cost savings of up to 51%, or an average of $75 per compromised record. This figure is derived from the savings associated with reduced dwell time and the impact of the overall intrusion, as intrusions with longer dwell times tend to be more severe.
Security Operations Centre (SOC) Operation Cost Reduction
A study conducted by Deceptive Defense, Inc. highlights the value of savings in SOC operations. Deception Technology can reduce SOC inefficiencies by up to 32% (or $22,747 per SOC analyst per year) based on the reliability of alerts backed up with information such as TTPs and IOCs, as well as the ability to collect forensic data that reduces attack investigation and response time. Deception solutions that can automate attack analysis and correlate events can also help reduce incident response time. The resulting effort for the security analyst and the number of false positives is significantly reduced.
Is your CFO now convinced that the use of Deception Technology delivers a very good Return on Investment?
You might also be interested in: Why does it take an average of 56 days to detect a hacker attack?
About the author