<p>Everyone knows we need cybersecurity. But whether they admit it or not, businesses don’t always want to pay for it. Too often, the C-suite sees security as a cost center, making it difficult for CISOs to secure funding for new tools and initiatives.</p>
<div class=”ad-wrapper ad-embedded”>
<div id=”halfpage” class=”ad ad-hp”>
<script>GPT.display(‘halfpage’)</script>
</div>
<div id=”mu-1″ class=”ad ad-mu”>
<script>GPT.display(‘mu-1’)</script>
</div>
</div>
<p>While cybersecurity doesn’t directly drive revenue, it does maximize business continuity, protect the organization’s reputation and ensure regulatory compliance. By calculating cybersecurity ROI, CISOs can translate this value into a business context that resonates with CEOs and boards.</p>
<section class=”section main-article-chapter” data-menu-title=”Understanding cybersecurity ROI”>
<h2 class=”section-title”><i class=”icon” data-icon=”1″></i>Understanding cybersecurity ROI</h2>
<p>Financial experts typically define ROI as the income directly resulting from an investment, less the cost of the investment and expressed as a percentage.</p>
<p>ROI % = (net income / cost of investment) × 100</p>
<p>For example, consider a $1,000 investment that resulted in $100 of income. The ROI would be 10%, or a 10-cent return for every dollar invested.</p>
<p>But security controls don’t directly lead to revenue. Rather, they protect revenue by reducing cyber-risk. That’s why cybersecurity ROI has a looser definition than traditional ROI: It refers to direct and indirect financial benefits of a cybersecurity investment, including loss avoidance, risk reduction, time saved and money saved.</p>
<div class=”youtube-iframe-container”>
<iframe id=”ytplayer-0″ src=”https://www.youtube.com/embed/FpNVy_nPTbY?autoplay=0&modestbranding=1&rel=0&widget_referrer=null&enablejsapi=1&origin=https://www.techtarget.com” type=”text/html” height=”360″ width=”640″ frameborder=”0″></iframe>
</div>
<h3>What is ROSI?</h3>
<p>Some cybersecurity leaders prefer the term <i>return on security investment</i> (ROSI), which provides a more precise metric to evaluate cybersecurity investments.</p>
<p>There are multiple ways to calculate ROSI. The tradition
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: