Leadership & Executive Communication , Training & Security Leadership , Video

Maximizing ROI Through Strategic Cybersecurity Investments

Eric Sanchez of Kyowa Kirin on Balancing Cost-Efficiency and Effective Protection
Eric Sanchez, CISO, Kyowa Kirin, and CyberEdBoard member

The emergence of ransomware as a service and infrastructure as a service has significantly reduced the cost of launching cyberattacks, making cybercrime much more profitable for attackers, according to Eric Sanchez, CISO, Kyowa Kirin.

See Also: How to Strengthen Your Organisation's Last Line of Defense: Your Human Firewall

While many companies allocate significant funds to detecting, investigating and remediating threats, they often overlook investments in proactive protection measures, he said. Companies focus on areas such as perimeter defense and identity management, neglecting the importance of education, Sanchez said.

"I've seen this with multiple companies. They are not educated enough to understand that spending X amount of dollars on defense will help protect your revenue for long term," Sanchez said. "When it comes to spending compared to the attacker spending, there's a big disparity. But when you look at how much revenue is saved, compared to when a company is attacked, you look at companies like SolarWinds and Panera Bread - they lost millions on credit card sales."

In this video interview with Information Security Media Group at the Cybersecurity Implications of AI Summit, Sanchez also discussed:

  • The need for business leaders to acknowledge cybersecurity as an essential revenue assurance strategy;
  • Resource constraints and the complexity of deploying and configuring cybersecurity tools;
  • Why education is essential to ensure decision-makers understand the ROI associated with cybersecurity expenditures.

At Kyowa Kirin, Sanchez executes a ground-up build of the company's cybersecurity program. He previously worked as an executive-level consultant at FireEye and Exabeam and spent 12 years at the Central Intelligence Agency developing and executing global cyber operations. He is a member of the CyberEdBoard.

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.