Strategies to Cut Costs and Improve Cybersecurity

June 18, 2021

By Nir Sasson, Network Security Consultant, Avnet, a Rockwell Automation company

Cybersecurity costs businesses a lot of money – and with no measurable monetary income as a result. That leaves executives and board members scratching their heads and wondering: “Why are we spending so much on this? Why do we need to employ expensive professionals to manage and operate cybersecurity?” Often leading them to ponder, “We know cybersecurity is important, but how do we determine the right level of investment?”

We’ve developed a list of three strategies you can use to maintain good cybersecurity hygiene, while still managing costs.  

#1. Manage to the Exception

Managing to the exception is the principle that will allow your organization to maintain a proper cybersecurity defense. It means starting from the worst-case scenario, or the exception to the status quo, and working backward to create your strategy from there.

Take the example of password management. Organizations using the username and password authentication method to verify their legitimate computer users must also provide a mechanism to help validate users who are having a problem. For example, they may have mistyped the password, are locked, and can’t log in to the system.

The ideal strategy starts with focusing on the small percentage of people who will forget their username or password – the exceptions. With the exception identified, the organization can plan and implement special measures to deal with the uncommon cases when the self-management process failed.

The next step is looking at what the solution is and figuring out if it can be automated, which leads us to our next strategy.

#2. Automation: Transfer Tasks, That do not Require Human Judgment, to a Machine

Knowing when to utilize automation can save companies a significant amount of money. Look for tasks that don’t require human judgment. Tasks like granting permissions to users who meet certain standards or automatic alerts when they meet pre-defined rules.

Going back to our password-management example, we have now determined that we need to deal with users who get locked out. Typically, how is a user unlocked? He calls the help desk. The operator at the desk helps identify the user who phoned him as a condition for providing the password reset service, asking a series of security questions.  

This process can be transferred to an application, doing precisely the same thing. Instead of a human operator, a machine can check the correctness of the user’s answers and reset the password for him.

With one fix, we can dramatically reduce costs and the organization still has strong authentication systems in place.

#3. Know When to Outsource and When to Keep it Internal

Your organization most likely creates and stores vital information that, if exposed to an unauthorized entity, could result in an unbearable impact on your business. While important to protect, you most likely aren’t able to spend all your time on that one task – there is still the day-to-day, essential work that it takes to maintain the company.

If you do not possess the in-house capabilities required to gain and keep a good cybersecurity posture, the solution is not to give up on it entirely or to make compromises. That is when you should bring in an outside source to help.

Rockwell Automation LifecycleIQ Services works with organizations across a wide range of industries to take a proactive approach to cybersecurity. Our threat detection services can help you monitor and detect increasingly complex threats. We work closely with partners to provide comprehensive cybersecurity solutions to manage the operation of network security devices and applications, such as firewalls, intrusion prevention/detection, etc.

Cyber defense costs money, but it is possible to reduce the costs without compromising cybersecurity, and maybe even improve your defense.

Source

Related Articles


Latest Articles

  • The Power of OPC-UA in Industrial Automation

    February 27, 2024 In the world of industrial automation, the need for seamless communication between devices and systems in paramount. This is where OPC-UA (Open Platform Communications United Architecture) comes into play. OPC-UA is an open and secure communication protocol that enables interoperability between different devices and software applications. In this blog post, Omron explores… Read More…

  • A Basic Guide to the Types of Communication Interfaces Used in Mechatronic Automation

    February 26, 2024 Mechatronic components, such as feedback devices, motors, and drives, often use various communication interfaces to interact with control systems and other devices. These communication interfaces have evolved over time to meet specific needs and standards in the industry. This article explores some of the common communication interfaces and provide a simplified overview… Read More…


Featured Article

SEW-Eurodrive Demonstrates StarterSET for Vertical FFS Machines at ATX 2023

Across Canada and around the world, innumerable products are packaged, transported, and processed in a variety of ways before finally being distributed. To meet these challenges, SEW-Eurodrive has developed their StarterSET, which consists of pre-selected hardware and software for specific machine types. The StarterSET offers perfectly matched and total automation packages. It can be used as is, as a basic package, or can include flexible adaptation options and countless customized add-ons.

Read More


Products