Cyber Effectiveness – Money Spent per Cyber Event Day

Cyber effectiveness is the money spent per cyber event day and it is expressed as CE = $/CED.

Why this is obvious sinks in once you think about the CE ratio.

Cyber event days - the term in the denominator - is a measure of the number of severity-one events by the time it takes to detect and resolve such events. The period for measuring CED is normally considered to be a year. Using a year for the measurement period tends to flatten out spikes in severity-one cyber events that may occur one month and are not experienced another time of the year. But we've had clients use shorter time-frames, including 90 days and fewer.

$ or spend on cyber - the term in the numerator - is all the money spent on cyber, including that spent for labor, services, managed services, Cloud subscriptions and cyber products. Similar to CED, the moneys spent on cyber are normally measured over a budget year. And like CED, we've had clients use shorter periods of 90 days and less.

Why is Cyber effectiveness - CE - measured by $ per CED?

Let's look at what happens to CE as a) moneys spent on cyber change, as b) severity-one events change, and as c) the time to detect and resolve such events vary  - and they will -  as follows:

Increasing Cyber Effectiveness

Change in $: As the money's spent on cyber increase, CE increases and as the spend declines CE declines. More on this in a bit.

Change in Severity-one events: As the number of severity-one events declines, cyber effectiveness - CE - increases. As the number of severity-one events increase, CE declines.

Change in time to detect and resolve: As the time to detect and resolve CED events declines, cyber effectiveness - CE - increases. As the time to detect and resolve increases, CE declines.

More on $ spent and CE rates.

Although not all moneys spent on cyber will lead to reduced severity-one rates and shorter times to resolution, readjustment of focus and cyber budgets tends to act to reduce CED over time.

For some organizations this readjustment process towards higher CE rates might take months and for others it might take years. For still others, there is no readjustment.

But for most - currently running about 80 percent of all organizations - the process of readjustment of focus tends to result in increasing CE rates.

CE = $ / CED

As is now obvious, the ratio CE can be used - and is being used - to assess fair forward progress of cyber programs in organizations. Moreover, it is being used like a predictive barometer of cyber conditions to discern cyber effectiveness internally and across peer groups.

As you continue to make progress into 2019, we wish you the best - measuring and improving -  cyber results, and hope you can use the CE ratio in your progress.

Related Research

Look for more on CE, CED, and moneys spent on Cyber in 2019 as we launch Cyber Source Data

Cyber Effectiveness and the CED KPI

10 Cybersecurity Metrics You Should Be Monitoring



Featured Research

2018 Cyber Security Spend Report

The 2018 Cyber Security Spend Report focuses on global spend today through the coming five years. Did you know that global spend on cyber security is: More than $103 billion today Will exceed $130 billion by or before 2022 Today’s top two spend categories account for almost 50 percent of spend by enterprises today. The

Innovative Digital Business Models

Is your company making money using some of the innovative digital business models of the future, today? If not, it is important to understand what some of the new digital business models are, what they are best used for, who should consider using them, why they are important, and when they should be used. Not