Building the case for MDR: Achieving measurable value from reducing risk

Jason Oehley, regional sales director, Arctic Wolf.
Jason Oehley, regional sales director, Arctic Wolf.

Reducing cyber risk offers significant and measurable value to organisations, particularly when a security operations approach is deployed.

This is according to cyber security experts from Arctic Wolf, who were participating in an Arctic Wolf Quarterly Briefing for SA security stakeholders, presented in partnership with ITWeb. The webinar explored the costs of cyber risk and the value delivered by proactive and comprehensive approaches to improving security posture.

A poll of webinar attendees found that 55% believed budget was the biggest challenge in the way of their implementing security operations, while a further 20% said board and executive approval was a challenge. Security integration (18%) and current vendor inflexibility (4%) were also challenges they faced.

Jason Oehley, regional sales manager at Arctic Wolf Networks, said: “Where we see the biggest challenge in local organisations is achieving understanding at Board level of the potential impact of security risk, and why allocating budget is important.”

“To address this, we built risk value assessment tools, using a huge amount of intelligence to help you define business risk and the costs associated with it,” he said.

With an annual likelihood of a ransomware attack around 9%, risk of a data breach 15%, and risk of BEC around 20%, annualised risk exposure is around R13 million.

Arctic Wolf

The model includes value categories such as tool optimisation value, alert management cost value, security expertise value delivered and annualised risk exposure reduction value.

Using the tools, Oehley illustrated the estimated costs of risk and average operational value delivered to organisations, based on composite data from Arctic Wolf customers. 

In a sample organisation with R500 million in turnover, the full risk exposure could amount to an estimated R8.8 million in known costs such as forensics and incident response, and R42 million in lesser-known costs such as lost revenue, downtime, wasted payroll, loss of future revenues and company valuation decline. 

With an annual likelihood of a ransomware attack around 9%, risk of a data breach 15% and risk of a business email compromise around 20%, annualised risk exposure is around R13 million. By partnering with a SOC partner which adds significantly more value than just MDR (managed detection and response), this can be reduced by around R11.5 million, with remaining annualised risk exposure of around R1.3 million which can be addressed with risk transference, for example cyber insurance.

Comprehensive security operations to address risk

Andre den Hond, senior systems engineer at Arctic Wolf South Africa, outlined the Arctic Wolf security operations approach to reducing risk.

“Security tools alone are not effective, so we come at it from a comprehensive operational perspective and work strategically to improve customers’ security posture,” he said.

“We built our own security operations platform: the Arctic Wolf platform. This gives us the power of data – global security intelligence that we leverage to build back into the platform to protect all customers. The Arctic Wolf Concierge Delivery Model provides an actionable security journey and outcome back to our customers to proactively harden their security posture. The Concierge Security Team uses the Arctic Wolf Cyber Resilience Assessment to benchmark customers against industry standard frameworks and identify gaps in the security posture, then roll out a tailored security journey to address any weaknesses. The Concierge Service Model plugs into the environment no matter where the customer is in terms of security maturity. Over 120 ‘SPiDR’ Micro assessments can also be deployed to proactively improve security posture across the environment,” he said.

Den Hond added: “We also produce a cyber insurance rating and help generate a report around the security controls. We also recently launched the Arctic Wolf Cyber Jumpstart portal with access to free versions of the Cyber Insurance ratings, Cyber Resilience Assessment Lite and Incident Response Planner Lite.”

Share