Leadership & Executive Communication
,
Training & Security Leadership
,
Video
Eric Sanchez of Kyowa Kirin on Balancing Cost-Efficiency and Effective Protection
The emergence of ransomware as a service and infrastructure as a service has significantly reduced the cost of launching cyberattacks, making cybercrime much more profitable for attackers, according to Eric Sanchez, CISO, Kyowa Kirin.
See Also: How to Strengthen Your Organisation’s Last Line of Defense: Your Human Firewall
While many companies allocate significant funds to detecting, investigating and remediating threats, they often overlook investments in proactive protection measures, he said. Companies focus on areas such as perimeter defense and identity management, neglecting the importance of education, Sanchez said.
“I’ve seen this with multiple companies. They are not educated enough to understand that spending X amount of dollars on defense will help protect your revenue for long term,” Sanchez said. “When it comes to spending compared to the attacker spending, there’s a big disparity. But when you look at how much revenue is saved, compared to when a company is attacked, you look at companies like SolarWinds and Panera Bread – they lost millions on credit card sales.”
In this video interview with Information Security Media Group at the Cybersecurity Implications of AI Summit, Sanchez also discussed:
- The need for business leaders to acknowledge cybersecurity as an essential revenue assurance strategy;
- Resource constraints and the complexity of deploying and configuring cybersecurity tools;
- Why education is essential to ensure decision-makers understand the ROI associated with cybersecurity expenditures.
At Kyowa Kirin, Sanchez executes a ground-up build of the company’s cybersecurity program. He previously worked as an executive-level consultant at FireEye and Exabeam and spent 12 years at the Central Intelligence Agency developing and executing global cyber operations. He is a member of the CyberEdBoard.