According to the 2022 Verizon Data Breach Investigation Report (DBIR), data breaches caused by ransomware have almost quintupled, rising from 5% to over 25%. The cost of a data breach has also risen sharply in recent years: in 2021 the average cost rose to $4.24 million, an increase of over 10%, according to IBM. Risk is not a foreign concept for anyone in the financial industry, but in recent years cybersecurity risk has become a preeminent priority among financial services companies. Increased regulatory scrutiny and the steadfast presence of online banking have forced the industry to treat cybersecurity as a central pillar of its business calculus. In a hearing of the House Financial Services Committee with the CEOs of the top 6 U.S. banks, four executives reiterated that cybersecurity is their top priority. Given how heavily a data breach can harm a bank's reputation, and how important consumer trust is in banking decisions, it's no surprise that the risk demands their utmost attention.
Risk is a natural extension of providing financial services to customers. A big mistake that we often see businesses make is a misunderstanding of cybersecurity risk. Some businesses imagine cybersecurity as an immutable cost center, a black box that eats all of the budget spend you can stomach throwing into it for no perceived return on investment. This just isn’t the case; in just about every aspect that matters, cybersecurity risk is business risk.
This means that cybersecurity risk can be quantified, mitigated, and documented like any other business risk. It's not easy, and the mitigations are different, but it's an achievable task that should be implemented throughout the organizational structure. The answer, in this case, is cybersecurity performance management.
Cybersecurity Performance Management
Cybersecurity Performance Management (CPM), simply put, is the process of managing cybersecurity performance by using KPIs to track meaningful cybersecurity metrics, so that decision makers can strategically allocate budgetary resources to best mitigate cybersecurity risk. At present, businesses are pouring endless resources into the latest tools and software suites without considering the realistic return on their investment. CPM relies on visibility into continuous performance against goals, along with measures of consistency, to create a new understanding of risk, providing for data-driven decision making that can truly improve security and curb excess spend.
This kind of insight that CPM provides revolutionizes the way that organizations manage cybersecurity in support of the business. Incorporating cybersecurity risk into existing organizational risk management processes provides a structured and healthy way to identify and manage cybersecurity risk. CPM and risk management then provide a cyclical system; the risk management process identifies risk, and CPM provides the tools to target specific metrics that reduce risk.
This visibility into performance against goals, together with measures of consistency and coverage, is what makes quantitative decision making possible. Being able to make decisions based on real-world performance data is a powerful tool for increasing operational efficiency: you can target your weakest performing metrics and dramatically strengthen your baseline cybersecurity performance without falling into the trap of ballooning cybersecurity budgets. Best of all, it becomes possible to see and measure the impact of cybersecurity improvements in real time. Being able to prove to board members, executives, and stakeholders the tangible return on their investment in security is key to getting cybersecurity buy-in from all stakeholders.
How you can implement CPM
At its heart, performance management doesn't tie you to any specific vendor or ecosystem. It's a process, not a product. But there are tools that greatly increase the efficacy of any performance management program, and it all comes down to automation. Automation lies at the heart of CPM. The best way to kickstart any kind of performance management program is to automate the collection, aggregation, and reporting of relevant KPIs. That's no different with CPM, where automating the gathering of cybersecurity performance indicators (CPIs) is crucial to making the best strategic decisions to reduce business risk. The goal is to tie together as many of your existing security tools as you can into one convenient place where you can run analytics against past and current data. This automation can be done by building custom tools, but those are not always maintainable: all it takes is one or two changes to a vendor's API endpoint to break your reporting pipeline, so any homegrown collector should at least detect schema changes and fail visibly rather than quietly report wrong numbers.
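The aggregation step described above, as an added example that is not code from the original article or from any CPM product: it turns constructed exports from two hypothetical tools (a patch manager and an EDR console; the field names, host names and goal values are assumptions) into two CPIs per period, tracks them against goals and across periods for consistency, ranks the weakest metric first, and refuses to compute a number when the export schema changes.

```python
from statistics import pstdev

# Constructed monthly exports from two hypothetical tools (patch management and EDR).
# Field names are assumptions for this example, not any real product's API schema.
def _rows(ages):  # build constructed patch-tool rows from {host: critical patch age in days}
    return [{"host": h, "critical_patch_age_days": a} for h, a in ages.items()]

PATCH_EXPORTS = {
    "2022-04": _rows({"fs01": 3, "db01": 40, "web01": 9, "hr02": 21}),
    "2022-05": _rows({"fs01": 5, "db01": 12, "web01": 2, "hr02": 30}),
    "2022-06": _rows({"fs01": 1, "db01": 7, "web01": 4, "hr02": 10}),
}
EDR_EXPORTS = {  # hosts whose EDR agent checked in during the period
    "2022-04": {"fs01", "db01", "web01"},
    "2022-05": {"fs01", "db01", "web01", "hr02"},
    "2022-06": {"fs01", "db01", "web01"},  # hr02's agent stopped reporting
}
GOALS = {"patched_within_sla": 0.95, "edr_coverage": 0.98}  # targets as ratios

def period_cpis(patch_rows, edr_hosts, sla_days=14):
    """Turn one period's raw tool rows into CPIs (0..1 ratios). Fail loudly on
    schema drift instead of silently reporting a wrong number."""
    for row in patch_rows:
        if not {"host", "critical_patch_age_days"} <= set(row):
            raise ValueError(f"patch export schema changed, unexpected row: {row}")
    hosts = {r["host"] for r in patch_rows}
    in_sla = sum(1 for r in patch_rows if r["critical_patch_age_days"] <= sla_days)
    return {"patched_within_sla": in_sla / len(hosts),
            "edr_coverage": len(hosts & edr_hosts) / len(hosts)}

def cpi_history(patch_exports, edr_exports):
    """Aggregate CPIs for every period present in both tool exports."""
    return {p: period_cpis(patch_exports[p], edr_exports[p])
            for p in sorted(patch_exports) if p in edr_exports}

def scorecard(history, goals):
    """Per CPI: latest value, gap to goal, spread across periods (consistency), goal hits."""
    card = {}
    for name, goal in goals.items():
        series = [history[p][name] for p in sorted(history)]
        card[name] = {"latest": series[-1], "goal": goal,
                      "gap": round(goal - series[-1], 3),
                      "stdev": round(pstdev(series), 3),
                      "periods_meeting_goal": sum(v >= goal for v in series)}
    return card

def weakest_first(card):
    """Rank CPIs so the largest shortfall against its goal comes first."""
    return sorted(card, key=lambda n: card[n]["gap"], reverse=True)
```

Running `weakest_first(scorecard(cpi_history(PATCH_EXPORTS, EDR_EXPORTS), GOALS))` on the constructed data ranks EDR coverage as the weakest CPI, since the patch SLA metric has already reached its goal while coverage regressed when one agent went silent.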