How to calculate ROI for information security?
ROI stands for Return on Investment and is, in fact, a return on investment. Companies, regardless of their type of activity and the specifics of the markets in which they operate, always make sense to pay attention to the aspect of return on investment when buying software. When acquiring a corporate software solution, it is ROI that can help to correctly choose between products developed by various Russian and Western vendors. Calculating ROI is now becoming one of the important tools companies use when making purchasing decisions.
A few words about ROI in more detail.
ROI (return on investment) - the ratio of the measurable benefits to the investment in the project. If they say that ROI = 200%, this means that for every invested ruble we returned 2 rubles.
TCO (Total Cost of Ownership) is the sum of all costs incurred by the owner of the system throughout its life cycle.
Payback is the period of time necessary for the income generated by the investment to cover the cost of the investment.
ROI = (Benefit - Cost) / Cost × 100%
')
A lot of controversy raises the question - is it possible to calculate the return on investment for information security tools? Indeed, in this case, there is a significant increase in the total cost of ownership of the entire IT system of the company.
The Security Code company offers to get acquainted with the approach to solving this task - the task of calculating ROI when investing in information security tools.
Here are some of the fundamental points of this approach.
The full version of the presentation on calculating ROI when investing in information security tools.
We also invite you to get acquainted with the selection of materials on the topic "Everything you need to know about secure virtualization."
A few words about ROI in more detail.
ROI (return on investment) - the ratio of the measurable benefits to the investment in the project. If they say that ROI = 200%, this means that for every invested ruble we returned 2 rubles.
TCO (Total Cost of Ownership) is the sum of all costs incurred by the owner of the system throughout its life cycle.
Payback is the period of time necessary for the income generated by the investment to cover the cost of the investment.
ROI = (Benefit - Cost) / Cost × 100%
')
A lot of controversy raises the question - is it possible to calculate the return on investment for information security tools? Indeed, in this case, there is a significant increase in the total cost of ownership of the entire IT system of the company.
The Security Code company offers to get acquainted with the approach to solving this task - the task of calculating ROI when investing in information security tools.
Here are some of the fundamental points of this approach.
- IB incident is a kind of "insurance case"
When calculating ROI from information security tools, an approach similar to calculating ROI of insurance costs is used. That is, the situation of occurrence of risk is considered a situation similar to the insured event. A kind of "insurance case" can be called every IB incident - information leakage, system hacking, system infection, and so on.
- Sources of ROI
ROI sources can be risk reduction within the framework of the threat model, increase in the effectiveness of information security processes (setting policies, administration) and reducing business risks in terms of information security (compliance and, as a result, loss reduction).
The full version of the presentation on calculating ROI when investing in information security tools.
We also invite you to get acquainted with the selection of materials on the topic "Everything you need to know about secure virtualization."
Source: https://habr.com/ru/post/136172/
All Articles