Cost and Value of Cyber Security

Texture Side Right Grey 01

What is “good enough” security really costing you?

Truth is, good enough security is just not good enough. Detection rates are only one piece of the puzzle. When most organizations only have the resources to investigate 4% of alerts, how do you know those are the 4% that matter? Conventional cyber security solutions force your security analysts into busywork, and more importantly they fail to stop sophisticated, targeted attacks on your systems.

You know your security risks, requirements and capabilities. In this asymmetric battle an attacker only needs to be right once, while organizations need to be successful every time. Can you afford security that’s just “good enough”

Customer testimonial: Stater Bros. Market

Customer testimonial: Stater Bros. Market

Hear from Ben Cabrera, Network Supervisor, who discusses how FireEye products integrate easily and produce quality alerts.

Quantity does not equal quality

When you buy a cyber security solution, you expect to get alerts. And with malware signatures, you certainly will. Signature-based technologies, “next-generation” products and sandboxing solutions look for anything—and everything—they’ve experienced before. The wide net they often cast generates volumes of alerts for low-risk, low-priority attacks and false positives—benign events incorrectly labeled as attacks. Even worse, these conventional technologies will miss the indicators of unknown attacks, with devastating results.

“We haven’t seen any false positives and the alerts enable us to understand what’s going on across our whole infrastructure. And by getting ahead of the curve, we minimize wasting resources on having to clean up a breach.”

- Scott Adams, Manager of Technical Services, Bexar County, TX

The cost of indiscriminate alerts

Security teams get up to a thousand if not hundreds of thousands of alerts in a week. Third-party studies tell us that only 19 percent are reliable, and security teams only have time to really investigate four percent of them—and they don’t know in advance if that four percent really matter! Consequently, security analysts spend two-thirds of their time investigating false alerts. This wasted effort costs the average company over $1.2 million each year.

To deal with this reality, security teams have a choice:

  • Pay more now to scale operations, knowing that two-thirds of their money will continue to be wasted on noise
  • Pay more later when they miss critical alerts and experience a breach that can cost $10,000- $100,000+ per hour in remediation costs


“We have to do everything we can to protect ourselves. All it would take is one breach and 80 years of success would be gone.”

- Ben Cabrera, Network Supervisor, Stater Bros. Markets

FireEye makes alerts worthwhile again

It takes 157 minutes for an expensive expert analyst to correctly identify a true positive alert. That’s a lot of misplaced expertise. Here’s how FireEye delivers value:

  • The MVX engine identifies true positive alerts without volumes of alerts or false positives. Since security analyst’s typically validate alerts manually, this automation leaves them free for more important tasks. It even finds signs of threats for previously unknown attacks.
  • Contextual intelligence accompanies validated alerts to help your analysts quickly prioritize alerts properly and decide how to remediate them. It includes details such as attacker profile, threat severity and attack scale and scope.
  • Comprehensive visibility across the entire lifecycle to reduce alerts by up to 76 percent. By seeing and stopping attacks early (e.g. during exploit), it eliminates the alerts that would be generated from subsequent stages of the attack (e.g. callbacks) and alerts from other victims when the scope of the attack expands.