BLOG

How to Unlock the Value of a Security Investment

January 15, 2019 · READ

The departmental battle for budget is never ending. Think about monthly leadership meetings, where each department head is trying to pitch why their project/software/ask from their team should come out on top. But the truth is, when presenting any sort of proposal to management, it’s usually the ones with the highest potential for profitability that win. That’s why it usually means that proposals brought forward by the “cost-centers” like the security team often lose.

That is unless the organization has faced a major event. In these instances, it’s easy to explain the value of investing in security.

For example, when a major pharmaceutical company has discovered counterfeit products being produced and sold with their name and logo. Along with lost revenue, counterfeits may impose other costs to the company such as increased costs to secure supply, reputational damage and the risk of liability should they cause any harm to users. If a company has not yet invested in anti-counterfeit technology, the case for investment is much easier after something like this happens.  

But what about the forward-thinkers who haven’t experienced a significant event to make the case? That’s one of the reasons why security professionals have such a tough job. A job well done for them usually means that no one even knows that they’ve done their job.

Calculating the ROI of a New Investment

That said, we understand how challenging it can be to get approval for software that the leadership team might not see as critical to business performance. But, when it comes to the safety and security of your organization, can you really afford not to?  

To help you make your case, we’ve developed an ROI calculator and  an accompanying guide  to help you think through the sources of value and do a rough quantification of the potential return. This exercise is an estimate of the potential return on your investment.  Download this calculator to:  

  • Identify the number of incidents that  impact your organization  
  • Realize the cost of those incidents
  • Calculate the potential ROI of investing in software  

ROI = (Gain from investment — cost of investment) / Cost of investment

Get Resolver’s free return on investment tool here.

Key Metrics to Understand when Evaluating a Security Investment

It’s very common for us to see or hear something and quickly disassociate it from the possibility of it being reality for us. Like when we hear about a cyber breach that causes irreparable damage to an organization, or when a facility is victim to a physical security attack — we usually think “that won’t happen to us.” But in reality, we don’t know that it won’t. Experts warn us that we should be in the mindset of thinking less about IF something will happen, but WHEN.

Understanding the potential impact of events can save your organization from financial and reputational damage. Here are a few important things you should clearly understand about your organization:

  • Single loss expectancy: The expected amount of money that is lost during a single security incident (dependent on whether assets have been evaluated).  
  • Annual rate of occurrence: The likelihood or probability of a security incident occurring in a year.  
  • Annual loss expectancy: The total annual financial loss from security incidents. This is the number that demonstrates how much money can be lost by just maintaining business as usual.

A clear definition of each value above will help security teams to not only identify risks, but also identify controls and their potential impact on the entire organization.

Getting Stakeholder Buy-In for New Software

Even though corporate security teams are tasked with ensuring that all locations, people, and assets  associated with organization  are  kept  safe, secure,  and protected, they usually receive minimal budget to do so. This is further complicated when these teams look to leadership to support them in their initiatives, especially when the ask is  for software. Every business is inundated with priorities and burning issues at every corner. So, how  do you ensure  that your organization moves forward with the solution that  will  help you do your job  more effectively and better protect the organization? By making a crystal-clear business case.    

Building the Case for an Investment in Software

Imagine for a second, a world where you didn’t rely on Excel  to produce, report on, and present incident reports. If you didn’t have to chase information, collate spreadsheets, comb through emails, and track down documents — what would you do with that extra time? With Resolver, users have access to quality, timely data so that they can drive actionable insight.  

When building the business case for Incident and Investigations Management software, it’s imperative to highlight the opportunities  hiding in the missed reporting. Not sure where to start? We’ve  developed an ROI calculator to help you think through the sources of value and conduct a rough quantification of the potential return.

Try Resolver’s free return on investment calculator  here.

Table Of Contents
    Related Blogs
    Top Four Risks Associated with Natural Disasters Looking back at GSX 2019: A recap of what we learned Critical Incident Information All Security Teams Should Be Tracking MORE BLOGS
    STAY INFORMED

    Discover Resolver's Software

    Incident Management Software

    Protect your organization and prove your security team’s value with Resolver’s Incident Management application. Improve data capture, increase operational efficiency, and generate actionable insights, so you can stop chasing incidents and start getting ahead of them.

    Learn More

    Enterprise Risk Management Software

    Provide your organization’s board and senior leaders a top-down, strategic perspective of risks on the horizon. Manage risk holistically and proactively to increase the likelihood your business will achieve its core objectives.

    Learn More

    Regulatory Compliance

    Save time by monitoring all regulatory compliance activities, providing insights into key risk areas, and then focusing resources on addressing regulatory concerns.

    Learn More

    Request a Demo

    I'd like to learn more about
    • I'd like to learn more about
    • Enterprise Risk Management
    • Incident Management
    • IT Risk
    • IT Compliance
    • Investigations Management
    • Security Operations Management
    • Compliance
    • Security Audit
    • Loss Prevention
    • Brand Protection
    • ESRM
    • Internal Audit
    • Internal Control (SOX)
    • Third Party Risk Management
    • Threat Assessment

    I agree to receive promotional email messages from Resolver Inc about its products and services. I understand I can unsubscribe at any time.

    By submitting this form you agree to Resolver's Terms Of Service and Privacy Policy.