If you were to hear that cybercrime is the primary factor that determines the growth in the cybersecurity market, would you be surprised? Of course not. While some studies predict that by 2021 the cybersecurity market cap will exceed $1 trillion, other studies have looked at the other side of the equation, stating that cybercrime costs will exceed the same amount in a similar timeframe.
Will this inevitably have an impact on your cybersecurity budget? That depends on how you quantify the size and scope of your organization’s cybersecurity risks, according to Devon Bryan, CISO at the Federal Reserve System. He believes that’s one of the biggest challenges that security leaders are faced with today.
“The challenges we face as practitioners to quantify the cybersecurity risk and to demonstrate with defensible data how cybersecurity investments will lead to marked improvement to overall cybersecurity risk posture using imperial data is among the challenges that we face in tackling that particular problem,” he told InfoSec Insider in a recent interview during the InfoSec World Conference & Expo.
In the full interview below, Bryan addresses the topic of over- or under-investing in cybersecurity as a security leader and shares his advice on what practitioners can do to ensure they’re taking the right steps to ultimately make the right investments based on their security strategy.