Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

7/23/2010
02:10 PM
50%
50%

Tech Insight: How To Cut Security Costs Without A Lot Of Pain

Everything from trading costly training for local conferences to outsourcing some security tasks can save money --- but first carefully consider the options

Companies are spending more on security: According to the recent Information Week 2010 Strategic Survey, 36 percent are expecting an increase in their security budgets during the next year. Is your company one of them?

Those numbers are hopeful for some, but the survey also shows that security professionals who are seeing the increase are only getting money to help with products -- not to boost their staffing. In other words, they're still being expected to do more with less.

Whittling away at operational costs and coaxing existing resources to last as long as possible has become the norm for many security professionals. Some are stuck working with budgets that were slashed a few years ago, with no immediate hope for an increase, while others are seeing a slowly increasing trickle of funds. But no matter which camp you're in, there are still a few areas where current security practices can be trimmed, supplemented, and even replaced to increase effectiveness while cutting costs.

One of the first areas of security that gets cut is training, which is often seen as a luxury in the eyes of management. But cutting training can also affect morale. Many IT security professionals look forward to their annual security conferences, with the expectation of learning new skills and networking with other security pros. So instead of cutting training altogether, consider some alternatives to trim costs instead.

Local security conferences are popping up all over the country, with small events like Security BSides and the recent THOTCON, which carry great content and typically cost very little (or nothing) to attend. Making the case to attend a BSides event, which offers free admission, is going to much easier than the typical training event at which one course runs several thousand dollars -- not counting travel.

Online training is another way to save, and it has grown more accessible with training organizations like the SANS Institute offering many of its popular classes online. Offensive Security, creators of BackTrack Linux, provide "Pentesting with BackTrack" and "Cracking the Perimeter" classes in a computer-based training format that can be done at work or home.

Another area in which costs can be cut or reduced is recurring software maintenance fees. Open-source alternatives to software currently in use can replace, or sometimes supplement, existing software. Snort and Suricata are two examples of open-source intrusion detection systems that can be used instead of a commercial solution. Many free and open-source tools have been released during the years to complement Snort and help it scale to large distributed environments, making it an attractive option.

Open-source alternatives to expensive centralized log management tools also exist that can help companies centralize logs and identify attacks before they become breaches. Snare and Lasso are two tools that can send Windows event logs to syslog-based servers for analysis and correlation. OSSEC HIDS is a great example of a full-featured log analysis tool that ties distributed log analysis with centralized reporting, Windows Registry monitoring, and file integrity checking.

The caveat to free and open-source software, however, is that your personnel's time isn't free. Make sure any choices to move to open source takes into consideration current skill level and experience with the new technologies.

Outsourcing security solutions can cut considerable costs, too. There are often little to no capital costs upfront because all equipment is housed off-site at the service provider's data center. Also, operational expenses tend to be less because the software is managed by the service provider and not existing personnel, who are freed up for other tasks.

Content-filtering, including Web and e-mail, are two of the most common areas being outsourced and easy to evaluate. Often a simple change in the user's systems, a router configuration change, or MX record update can point users to the new service to evaluate the services' effectiveness.

Hosted security services offer more than just content filtering. Solutions are available that include multifactor authentication, firewalling, log management, and intrusion detection. Choosing one means weighing the costs differences between doing it in-house and determining your company's comfort level with your information being intercepted and monitored by a third party in the cloud.

It's definitely possible to cut costs in security without causing the corporate security program to suffer, but the alternatives and resulting costs need to be evaluated carefully.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Active Directory Needs an Update: Here's Why
Raz Rafaeli, CEO and Co-Founder at Secret Double Octopus,  1/16/2020
Google Lets iPhone Users Turn Device into Security Key
Kelly Sheridan, Staff Editor, Dark Reading,  1/15/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
How Enterprises are Attacking the Cybersecurity Problem
How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-3595
PUBLISHED: 2020-01-22
Multiple Cross-site Scripting (XSS) vulnerabilities exist in Joomla! through 1.7.0 in index.php in the search word, extension, asset, and author parameters.
CVE-2011-3610
PUBLISHED: 2020-01-22
A Cross-site Scripting (XSS) vulnerability exists in the Serendipity freetag plugin before 3.30 in the tagcloud parameter to plugins/serendipity_event_freetag/tagcloud.swf.
CVE-2019-18583
PUBLISHED: 2020-01-22
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-18584
PUBLISHED: 2020-01-22
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-18585
PUBLISHED: 2020-01-22
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.