Transcription
MANAGED SIEM with SECURITY MONITORINGCost Comparison for building a24x7 Security Operations Center
INSOURCE VS. OUTSOURCEThere are typically two principal reasonsorganizations choose to outsource securityservices:1. Cost effectiveness2. Compliance requirementsWhile there can be many more benefits to utilizingan MSSP, we are going to get into the specifics ofthe #1 benefit – cost effectiveness.If you are like most organizations, you have alimited security budget. Industry averages suggestthat it is common to spend 6 – 15% of the ITbudget on information security.We are going help you determine if you shouldbuild a 24x7 Security Operations Center (SOC)internally, or outsource to a professionalcybersecurity provider like Cybriant to providesecurity monitoring utilizing SIEM technology.
INSOURCE VS. OUTSOURCECreating a baseline for costsAn average employee will work 2,000 hours peryear. With 52 work weeks in a year and 40 workhours in a work week, each employee can work2,080 hours. Subtract typical vacation time andsick time and each employee will actually workroughly 2,000 hours per year.There are a total of 8,760 hours in a calendar yearTherefore, to staff a 24x7 SOC with one personavailable at all times you will need a minimum4.38 people (8,760 total hours available / 2,000available hours per person 4.38 people)Of course we know stuff happens. Holidays,maternity/paternity leave, employee exits,personal injuries, extended vacations, etc. so it isessential to account for that and plan for at leastsix people to cover every hour of the year.
INSOURCE VS. OUTSOURCETo properly staff a SOC you will need a blend oftalent starting with a manager or director– theone in charge. You will also need different tiers ofsecurity analysts – tier 1, tier 2, etc. The managerwill need to determine who will work when, andwhen will be the most critical times to have thehigher level analysts available.Indeed.com reports that the average salary of aSecurity Analyst is 88,120 per year, a SecurityEngineer 103,501 , a SOC Manager 122,000, anda SOC Director 150,000.Keeping the calculations simple, the minimumnumber of employees at the minimum averagesalary 88,120 x 6 people 528,720 / year.Annual Cost to Staff SOC 528,720
INSOURCE VS. OUTSOURCEWhen to Insource: You have the a minimum team of 6 qualifiedpeople committed to around the clock securitymonitoring Your operations are already mapped to a securityframework like NIST CSF and you have the timeand resources for strategic planning, designing,documenting, and implementing the securityprocesses by which your organization will executeon a daily basis. You already have SIEM software and the expertiseto use it. You have budget and time for recruiting, hiring,training, building and managing SOC processes.
INSOURCE VS. OUTSOURCEInsourcing Cost Comparison:SOCComponentHumanResources: SOCStaffHumanResources: SOCDirectorSIEM*Infrastructure(Compute &Storage)TrainingOtherTOTALSQtyAnnual Cost3 Year Cost6 528,720 1,586,1601 150,000 450,0001 50,000 150,0001 36,000 108,00011 10,000 36,000 30,000 108,000 810,720 2,432,160Average Insourcing costs per monthMid Market Business 67,560*SIEM – estimate based on organization with 1000 employees. For largerorganizations, it is very likely that SIEM software will be much more.Insource SOC: 2,432,160 / 36 months 67,560 / month
INSOURCE VS. OUTSOURCEWhen to Outsource: You don’t have the expertise When time-to-business-value is critical When you cannot justify the cost to InsourceOutsourcing the management of a SIEM with SecurityMonitoring has many different variables so it isdifficult to find an average cost for businesses.Your business is unique. A key benefit of working witha dedicated cybersecurity provider like Cybriant is theflexibility that will allow you to customize yourmanaged SIEM and Security Monitoring needs.Devices and applications monitored, hours and levelsof service, can all be tailored to fit your business needsand budget.Costs are subscription based and operational expenseswhich provides further flexibility and accountingbenefits.
INSOURCE VS. OUTSOURCEOutsourcing Cost iceOffering: SIEMsoftware,infrastructure,24x7 SOCProfessionalServices:Implementation /OnboardingTOTALMonthlyRecurringCost 500 5,000 1500 15,000TotalAnnual Cost 3 YearCost 6000 60,000 18,000 180,000 1500 15,000 19,500 195,000SMB to Mid-Market average Outsource costs permonth (with implementation)* 542 - 5,417*Estimate based on SMB and Mid Market needs, costs may vary based onbusiness needs. 195,000 / 36 months 5,417 / month
SECURITY MONITORING WITH MANAGED SIEMFor more information about Cybriant’s SecurityMonitoring with Managed SIEM please go towww.Cybriant.com/managed-siem.Contact us at844-411-0404info@Cybriant.comCybriant.com
1. Cost effectiveness 2. Compliance requirements While there can be many more benefits to utilizing an MSSP, we are going to get into the specifics of the #1 benefit -cost effectiveness. If you are like most organizations, you have a limited security budget. Industry averages suggest that it is common to spend 6 -15% of the IT
