A rising inflation rate is prompting businesses to review expenditures. In this article, Philip Bindley, Managing Director of Cloud and Security at Intercity Technology, explores the steps businesses can take to cut cybersecurity costs without compromising protection.
The cost of living is surging at its fastest rate in 40 years, rising to 10.1% in September 2022. This has contributed to a ‘cost-of-doing-business’ crisis affecting firms across the country as they struggle with rapidly increasing costs of vital raw materials, fuel, wages, and energy to keep their companies running.
As a result, many companies are looking to make cost savings, including when it comes to cybersecurity. However, neglecting your security can have repercussions by putting your business in a vulnerable position for cyber criminals to exploit. The Cybersecurity Breaches Survey 2022 found that 39% of businesses identified a cyber-attack in the last year, causing companies to lose, on average, £4,200.
There are primarily two cost centres when it comes to a business’s cybersecurity expenditure.
- Rising costs for the technology to defend against cyber-attacks
Currently, the most significant impact on costs for these technologies is the exchange rate – as many of these vendors are US-based, and the weak pound is driving inflated pricing. With cyber threats now higher than ever before on the corporate risk profile, companies need to adequately support employees and protect their systems and data, which has increased cybersecurity expenditure.
- Rising cyber insurance costs
As the number and costs of claims against these policies have spiralled, the market has reacted in multiple ways, including increasing premiums, which is a direct cost increase to the policyholder. Underwriters of insurance policies insist on evidence of a high level of cybersecurity hygiene as an entry-level requirement for applying for cyber insurance or as a method for reducing premiums. This increases the cost to the business as they must adopt more technologies, add people, and mature processes to be eligible for cyber insurance protection.
Guiding principles for cutting cybersecurity costs
Businesses cannot part with cyber protection to save money without putting themselves at risk. While ransomware attack figures vary, it isn’t uncommon to see cybercriminals ask for figures north of £1M.
Instead of cutting investment in cybersecurity, businesses should review their tools and technologies. Over the last few decades, this suite may have become over-complicated and expensive to maintain as having more technologies means working with more people, which runs the risk of poor management, ultimately defeating the purpose of their role.
More technologies also meanmore vendors, licences, support agreements, training, and certifications, which all add to the cost. Technology has also moved on, and most of what many businesses have in place to protect endpoint, mobile, perimeter, cloud, email, and collaboration tools can be delivered by a single vendor. Keeping it simple is key to controlling cybersecurity costs. By consolidating cybersecurity vendors, businesses can simplify the number of technologies and tools they use to help defend themselves against cyber-attacks, in turn saving money.
Businesses should also consider whether cybersecurity is something they can deliver themselves or whether there are external partnersbetter placed with more resources, who offer 24/7 coverage, and investment into a skills base that is simply out of reach to deliver internally
There is never a wrong time to review cybersecurity. Finding an expert, looking at what measures are currently in place, what the aspirations of the business are moving forwards, as well as understanding the skills you have and need, will allow you to build a plan to consolidate cybersecurity vendors. When done well, with little investment in time and nominal consultancy cost upfront, you can navigate to a less expensive and better-protected cyber plan.