Maximizing ROI Through Strategic Cybersecurity Investments –

1 minute, 30 seconds Read

Leadership & Executive Communication
Training & Security Leadership

Eric Sanchez of Kyowa Kirin on Balancing Cost-Efficiency and Effective Protection

Eric Sanchez, CISO, Kyowa Kirin, and CyberEdBoard member

The emergence of ransomware as a service and infrastructure as a service has significantly reduced the cost of launching cyberattacks, making cybercrime much more profitable for attackers, according to Eric Sanchez, CISO, Kyowa Kirin.

See Also: How to Strengthen Your Organisation’s Last Line of Defense: Your Human Firewall

While many companies allocate significant funds to detecting, investigating and remediating threats, they often overlook investments in proactive protection measures, he said. Companies focus on areas such as perimeter defense and identity management, neglecting the importance of education, Sanchez said.

“I’ve seen this with multiple companies. They are not educated enough to understand that spending X amount of dollars on defense will help protect your revenue for long term,” Sanchez said. “When it comes to spending compared to the attacker spending, there’s a big disparity. But when you look at how much revenue is saved, compared to when a company is attacked, you look at companies like SolarWinds and Panera Bread – they lost millions on credit card sales.”

In this video interview with Information Security Media Group at the Cybersecurity Implications of AI Summit, Sanchez also discussed:

  • The need for business leaders to acknowledge cybersecurity as an essential revenue assurance strategy;
  • Resource constraints and the complexity of deploying and configuring cybersecurity tools;
  • Why education is essential to ensure decision-makers understand the ROI associated with cybersecurity expenditures.

At Kyowa Kirin, Sanchez executes a ground-up build of the company’s cybersecurity program. He previously worked as an executive-level consultant at FireEye and Exabeam and spent 12 years at the Central Intelligence Agency developing and executing global cyber operations. He is a member of the CyberEdBoard.

This post was originally published on 3rd party site mentioned in the title of this site

Similar Posts