In theory, with every security breach that is publicized in the news media—and the many more that go unreported—the value of investment into an organization’s security system and tools should be clear.

After all, if the U. S. Department of the Treasury can be hacked, as it was in January, then it stands to reason that any organization can suffer the same fate.

Despite the abundance of cyberthreats and the potential disastrous consequences of a successful attack, IT leaders are improbably feeling the pressure to justify security investments. That’s according to recent research from OpenText and Ponemon Institute—a leading independent research firm focused on information security and privacy management—that recently took the pulse of nearly 2,000 senior IT and security executives.

A majority—55%—of those leaders say they’re under pressure to justify investment in these security strategies within six months to a year. They say calculating ROI is important to prove the business value of IT security investments and helpful in making informed security decisions, evaluating performance, and calculating profitability.

Yet only 43% of respondents say their organizations are very or highly confident in the ability to measure the ROI of investments related to securing and managing information assets.

More than half of those same respondents —52%—said that while proving that ROI is paramount, they are unable to track downstream impact of security investments. That impact could include KPIs such as reduced errors and rework, increased efficiency and productivity, and reduced compliance risks. Without that information, leaders are unable to provide clarity about the indirect benefits and costs that ripple outwards from an initiative, activity, or technology investment.

That’s not for a lack of trying: Nearly half of respondents said identifying metrics with business relevance is their top priority, but 51% struggle to quantify intangible benefits, such as reduced risk or improved productivity.

“This research confirms what we’re hearing from CIOs and other IT leaders and decision makers – that security remains vital but the value of which in many cases is hard to prove,” said Muhi Mahzoub, OpenText™ Executive Vice President, Security Products. “At OpenText, we’re leveraging AI to dramatically enhance our customers’ capability and accuracy without the need for complex overhauls of their stacks. In turn, that ROI becomes evident to organizational leaders.” 

With OpenText™ Core Threat Detection and Response, OpenText provides customers with leading cybersecurity capabilities, including:

• Rapid detection and elimination: Advanced anomaly detection that dynamically adapts to changes in operating environments and ensures contextually relevant threat detection. With multi-cloud integrations, OpenText's automatic correlation of anomalies significantly reduces the time needed to uncover critical threats.
• Adaptive learning: Powered by advanced machine learning models, the platform continuously evolves with each organization's unique environment and insider threat landscape, improving detection accuracy over time.
• Simplified deployment: This composable solution seamlessly integrates with Microsoft and other cybersecurity tools, reducing setup time and delivering immediate value. The built-in OpenText™ Cybersecurity Aviator translates AI-generated threat detection insights and alerts into plain language for SOC analysts, enabling faster preventative actions.
• Cost prevention and ROI: The solution proactively hunts for threats to help organizations reduce their potential exposure to multi-million-dollar incidents. Also, working alongside other security tools, this solution aims to maximize the value and ROI of prior investments for customers.

Read the complete survey report from Ponemon Institute. And learn more about how OpenText™ Cybersecurity can help your organization elevate its security posture.

The post Chasing security ROI appeared first on OpenText Blogs.