Boris Vaynberg

by Boris Vaynberg

VP and GM for Advanced Threat Detection

Posted Jun 24, 2019

Calculating your cybersecurity net worth doesn't have to be complex. 

GettyImages-912778460.jpg

Every public and private company maintains a set of financial documents to keep track of their assets and liabilities in order to determine their net worth. These reports include financial and non-financial assets as well as all accumulated liabilities in order to determine if the company is profitable or running at a loss.

Most companies do not add their cybersecurity strategy to either of these categories, but effective Chief Information Security Officers are always doing a similar accounting for their cybersecurity assets and liabilities without realizing they are really just determining their cybersecurity net worth.

Security Liabilities

Unfortunately, your greatest security liability is also your greatest asset, namely your people. But, do you think that is the extent of your liabilities when cyber breaches occur?

Absolute cost of breaches may extend beyond the cost of the loss. In some cases, your customers may also have cause to create an additional liability for your organization. An article titled “If you’re hacked, what’s your cybersecurity liability?” posted by AICPA reports,

“Meanwhile, federal circuit courts are split as to what constitutes sufficient standing to sue in cyber breach cases. Some courts hold that companies may be liable for damages if client or employee data is stolen, even if the theft causes no harm; instead, it’s sufficient to merely allege that the information was compromised. This broad interpretation will only further increase the risk of cyber liability claims.”

Security Assets

In most cases you would look at your entire security strategy collectively in your asset column. However, it would be wiser to break it down into three primary categories:

  1. People: As discussed above, your people can be one of your greatest liabilities. However, with an effective security awareness training strategy, you will address the behavioral issues employees sometimes fall into that may open up security vulnerabilities and ensure they are genuine assets instead.
  2. Product: We have discussed how security solutions have evolved over time so we don’t need to revisit that today. Suffice it to say that the best security product assets will deliver an evasion-proof, cost effective and timely solution that prevents malicious behaviors instead of requiring you to remediate the damage after the fact.
  3. Process: Don’t forget to optimize business continuity as well as addressing archiving, risk and compliance to protect your organization from spear-phishing, malware, data leaks, data loss and downtime.

Addressing each of these three security asset categories from a holistic approach will ensure a positive cybersecurity net worth.

Balanced Security Net Worth

Generating a positive cybersecurity net worth is a function of ensuring safe content in the fastest and most cost-effective manner. Solebit’s SoleGATE (now part of Mimecast) uses a static analysis which is faster, more accurate, not OS version dependent and covers 100% of your code, with complete visibility. 

With SoleGATE, every line of code is evaluated, making sandbox evasion techniques ineffective. On average, Solebit analysis time is between milliseconds up to a few seconds. Network Sandboxes typically take 5-15 minutes to perform the same analysis.

Learn more about how to protect your organization here.

SOES19_blog_footer.jpg

Want more great articles like this?Subscribe to our blog.

Get all the latest news, tips and articles delivered right to your inbox

Boris Vaynberg

by Boris Vaynberg

VP and GM for Advanced Threat Detection

Posted Jun 24, 2019

You may also like:

Prevent, Don’t Remediate: Three Cybersecurity Requirements

It’s never a bad time to pause and…

It’s never a bad time to pause and reflect on the visi… Read More >

Boris Vaynberg

by Boris Vaynberg

VP and GM for Advanced Threat Detection

Posted Jun 17, 2019

How Many IT Security Tools Do You Need?

How many IT Security tools are you curre…

How many IT Security tools are you currently using to keep y… Read More >

Marc French

by Marc French

Senior Vice President & Chief Trust Officer

Posted Jun 07, 2019

Obfuscated Fileless Malware in Cyberattackers' Toolkits: A Closer Look

The latest from Mimecast Research Labs i…

The latest from Mimecast Research Labs includes a malware te… Read More >

Dor Zvi

by Dor Zvi

Security Researcher, Mimecast

Posted May 31, 2019