Light Dark
May 1, 2018 By Grace Murphy 3 min read
Data Protection

Over the past several months, we’ve explored the concept of epic fails in data security in multiple ways.

In January, we reviewed five avoidable fails we see clients experience frequently, highlighting issues such as compliance-centric security, lack of centralized data security and an inadequate focus on data activity monitoring.

A few months later, we examined three data security pitfalls, such as lacking comprehensive discovery and classification capabilities and failing to integrate your data security solution with other security tools, in the context of the upcoming General Data Protection Regulation (GDPR) deadline. Clearly, achieving nirvana in data security is an elusive goal with many obstacles along the way.

The Data Security Dilemma

As security professionals, the importance of data security is thrust into our consciousness on a daily basis due to the evolving threat landscape, the increasingly complex regulatory environment and the centrality of critical data to business success. As noted in IBM’s 2018 X-Force Threat Intelligence Index, challenges such as insider threats are on the rise, and placing security controls closer to the data itself can help combat both inadvertent and malicious insiders.

Upcoming regulations in the European Union (EU) and beyond are also bringing the importance of data security to light. While many teams are deep in the throes of gearing up for compliance readiness, it’s important to note that even after certain enforcement deadlines pass, organizations will need to demonstrate continuation of compliance for years to come. In other words, the journey doesn’t end when enforcement begins.

Finally, data itself is critical to enabling business success. In fact, The Economist recently touted data as “the world’s most valuable resource” — i.e., the new oil.

Quantifying the ROI of Your Data Security Solutions

Data security is crucial to the digital enterprise, and it is also incredibly challenging. Part of what makes this such a tough nut to crack is the dynamic, distributed and in-demand nature of data itself. Data is extremely difficult to control because it’s constantly changing, multiplying, moving and being transmitted via new avenues. In addition, it needs to be readily available at all times and accessible in many different formats. This is why many organizations recommend adopting a zero trust approach to data security, which places controls as close to the data as possible.

As organizations strive to improve their data security posture, they’ll need to approach the challenge from a people, programs and technology solutions perspective. This brings to light yet another epic fail that organizations might encounter on the technology solutions side: failing to quantify the benefits their data security solution brings to the enterprise.

As with any enterprise software purchase, your team should be able to clearly identify the areas in which your data security solution has impacted the organization and how that translates into monetary value. Questions you should ask include:

  • Are we getting a full return on investment (ROI)?
  • How long is the payback period?
  • Is the solution really helping us reach the goals we set out to achieve?
  • Do we have a trusted relationship with our security vendor?

The Total Economic Impact of Guardium

To help clients understand how to answer these questions, IBM recently commissioned Forrester Consulting to conduct a Total Economic Impact (TEI) study that examined the potential ROI enterprises can realize by deploying IBM Security Guardium as part of their overall enterprise data security and compliance strategy.

As part of this process, Forrester interviewed several existing Guardium clients who had faced a multitude of data security and compliance challenges prior to implementing Guardium, including:

  • The need to meet regulatory and compliance requirements;
  • The need to respond to an increased focus on security, compliance and data privacy strategy within the organization;
  • The desire to become more proactive rather than reactive in the security space;
  • The requirement to extend data security controls across a wider variety of environments and platforms;
  • The need to leverage automation more effectively; and
  • The desire to move beyond compliance and become truly secure.

READ THE FORRESTER TOTAL ECONOMIC IMPACT STUDY OF IBM SECURITY GUARDIUM

Based on the interviews, Forrester constructed a TEI framework, a composite company and an associated ROI analysis that illustrated the areas that were financially affected. At the conclusion of the study, the firm concluded that Guardium helped clients address the challenges listed above and brought significant benefits to the organizations overall.

By implementing Guardium, the companies referenced in the study saw eye-popping results, such as:

  • A 343 percent ROI;
  • $3.3 million in overall benefits; and
  • A payback period of less than six months.

These results are based on the composite organization Forrester created by compiling the interviews it conducted with multiple clients. As your organization explores data security solutions and how they might impact the enterprise, you should consider these metrics as well.

Curious to learn more about the TEI of Guardium and how to quantify the results your data security solution enables? Read the Forrester Total Economic Impact study of IBM Security Guardium.

 |  |  |  |  |  |  | 
Grace Murphy
Data Security Product Marketing Manager

More from Data Protection
November 2, 2023

Defense in depth: Layering your security coverage

2 min read - The more valuable a possession, the more steps you take to protect it. A home, for example, is protected by the lock systems on doors and windows, but the valuable or sensitive items that a criminal might steal are stored with even more security — in a locked filing cabinet or a safe. This provides layers of protection for the things you really don’t want a thief to get their hands on. You tailor each item’s protection accordingly, depending on…

November 1, 2023

What is data security posture management?

3 min read - Do you know where all your organization’s data resides across your hybrid cloud environment? Is it appropriately protected? How sure are you? 30%? 50%? It may not be enough. The Cost of a Data Breach Report 2023 revealed that 82% of breaches involved data in the cloud, and 39% of breached data was stored across multiple types of environments. If you have any doubt, your enterprise should consider acquiring a data security posture management (DSPM) solution. With the global average…

October 25, 2023

Cost of a data breach: The evolving role of law enforcement

4 min read - If someone broke into your company’s office to steal your valuable assets, your first step would be to contact law enforcement. But would your reaction be the same if someone broke into your company’s network and accessed your most valuable assets through a data breach? A decade ago, when smartphones were still relatively new and most people were still coming to understand the value of data both corporate-wide and personally, there was little incentive to report cyber crime. It was…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature