Many organizations are still supporting a security model that was developed years ago and is not reflecting the changes needed to address today’s challenges, including the changes in the threat landscape, the changes in the economics, and the need to do more with less.
The threat landscape has shifted from one where outbreaks, spam and malware were the norm to one where cybercriminals now target specific users, groups or organizations using spear-phishing emails with custom malware or custom malicious links designed to compromise the victim(s). Organizations that have not shifted their security model to reflect these changes are likely to have a higher risk of becoming a victim.
With the world markets still dealing with the global recession, budgets are continuing to be constrained, and IT must constantly do more with less. Security IT budgets are set up to spend based on the older model, and as such, are likely not allowing an organization to take advantage of economies of scale and the commoditization of certain solutions.
A new approach is needed to address the shifts that have occurred just in the past few years, and reviewing your current security model and asking yourself a few questions could help you lower your risks and costs.
- Are you paying a premium for a solution that addressed a threat that was critical 2-3 years ago, like spam, where now you may want to focus more on anti-phishing?
- Are you paying a premium for a security solution that is increasingly being commoditized?
- Are you supporting multiple anti-malware vendor solutions because in the past you thought if one didn’t detect a piece of malware, the other would?
We see these situations occurring regularly today and recommend a different model to support both the shift in the threat landscape and the changes in the economics.
Trend Micro commissioned Forrester Research to interview four global companies to identify whether going with a single-vendor model can improve their security investment – both from an improved protection and remediation aspect and from a return on investment perspective. What they found is that organizations that deployed a single-vendor model were able to achieve the following:
- 60% reduction in security issues requiring remediation
- 50% reduction in remediation time
- 120 end-user-hours per week saved from security-related downtime or slowdowns
More importantly, Forrester calculated an average of 146% return on the initial investment by these companies with an average payback period of just 5.3 months. The threat landscape of today demands the fastest time to protect for the new custom threats that are attacking these companies. As such, consolidating the number of vendors companies have to deal with during an attack allows them to quickly deal with the issue. Consolidating the security solutions used within the organizations to a single vendor solution with a single management console allows the business to gain visibility into what is occurring and to spend less time learning and dealing with multiple vendor solutions. The results speak for themselves, and these businesses are now able to do more with less, whether it is the time to manage the entire solution or the time it takes to identify and mitigate a new threat.
Trend Micro has consistently shown itself to be one of the fastest security providers to deal with new threats. NSS Labs is one of the only testing organizations that has included a time-to-protect factor into their tests. For three separate tests, Trend Micro has had the fastest turnaround time.
Click on image to enlarge.
Source: NSS Labs 2009 Consumer Report (Time-to-Protect results)
Click on image to enlarge.
Source: NSS Labs 2010 Consumer Report
Click on image to enlarge.
Source: 2013 Consumer Phishing Test
Lowering investment costs also frees up the company’s IT budget to invest in newer technologies needed to address the new threats of today. Less time managing the entire solution also frees up your important IT employees to deal with more pressing matters and to investigate many of the suspicious incidents that could be part of a targeted attack.
Join us for a live joint webinar on Wednesday, November 13 at 11 a.m. PST/2 p.m. EST with Forrester researchers who will share their perspective on today’s security landscape and discuss the research they did for Trend Micro, as well as how you can address the changes identified above.
See more information, and register for the webinar here.
