Whenever a firm is debating what company, system, or software to invest in, a very important aspect is the return on investment that firm will receive. If a firm decided to choose Wombat, research has shown that through experience there can be up to 90% reduction in successful external phishing attacks and malware infections using Wombat’s four-step approach to security awareness and training. The scary thing is, knowledge of what is inside of a computer and how a computer works is growing rapidly across America, and many kids are learning at a young age how to code, which can translate to more Americans having the knowledge to conduct phishing attacks, which is shown in the New York Times article, Reading, Writing, Arithmetic, and Lately, Coding (Richtel, 2014). In the case of a security technologies company, the return on investment that a firm must evaluate is the Hard vs. Soft evidence (Knight, 2017). Return on investment almost always relies on the amount of future cash flows that result from that investment (Knight, 2017). In the case of a security technology company, future cash flows might not directly be the largest benefit. On investments like these, soft evidence may come first and lead to hard evidence, which will be a measure of future cash flows. In the case of a firm investing in Wombat, the soft evidence is that the lack of a reliable security system can lead to successful external phishing attacks (Knight, 2017). If there is no defense, it is very likely that an attack will occur. The result of phishing attacks can be extremely harmful to organizations. Some of the results include the theft of identity and users’ confidential details, large financial losses, prevention of users’ from accessing their own accounts, and loss of productivity. All of those results have the potential to lead to a loss of revenue, which is something that something that every company wants to protect itself from (Knight, 2017).
In calculating a firm's return on investment in Wombat Securities, there are four steps that the firm needs to take. First the firm needs to determine the initial cash outlay, which is the cost of the investment (Knight, 2017). Second the firm needs to forecast the cash flows from the investment, which is determining the net cash the investment will generate (Knight, 2017). Third, the firm needs to determine the minimum return required, this relates to how much the firm invested and how much it needs to make on top of it (Knight, 2017). Lastly, the firm needs to evaluate the investment, this will result in knowing if your investment offers a return that was more or less than the company’s hurdle rate (Knight, 2017). The major point of return on investment is the payback period. The payback period is how long it will take the firm to earn back its original investment. It is important to understand that in the following table, the tangible benefits are a recurring due to the fact that breaches can happen multiple times a year or over a few years. It is vital for firms like Chatham to have long lasting protection, which is an ongoing benefit for any firm.
Tangible Benefit
|
Dollar Value
|
Protection against loss of productivity. Faculty and staff could be locked out of systems after a successful phishing attack.
|
$10,000
|
Protection against identity theft and users’ confidential information.
|
$2,500
|
Protection against large financial losses after databases have been breached.
|
$20,000
|
There is the potential for Chatham to gain many intangible benefits if they were to buy, lease, or subscribe to Wombat’s security system. First off, Wombat is able to assess your employees knowledge and organizations susceptibility. Wombat offers a customizable assessment and simulated attacks unlike any other security company, as well as teachable moments that provide tips and practical advice for employees who fall prey to mock phishing, smishing, and USB attacks. These brief exercises usually help explain the danger of actual attacks and employees become motivated to participate in follow-up training. Chatham could also benefit from Wombat’s interactive modules which educate employees about security threats in the workplace and beyond. These modules give the employee the opportunity to encounter and recognize how their actions can have a positive impact on the safety and security of corporate and personal assets. Wombat’s auto-enrollment feature allows organizations like Chatham to automatically assign training to employees who fall for simulated phishing attacks and users who don't exhibit the desired level of proficiency on predefined cyber strength assessments. With Wombat’s security awareness materials, they reinforce and help you emphasize best practices and positive behaviors within your workplace. By making these messages more visible and more recognizable, you reinforce your training and help employees retain their knowledge. Wombat also feels that the most effective training program is one that is flexible enough to adapt and change according to your firm's needs. Their approach to measurement allows a firm to gather powerful analytics about strengths and weaknesses, evaluate results, and plan accordingly for future training for your firm.
The noted value of decreasing the amount of phishing in an educational institution, also at a high level from Wombat, is very beneficial. In the case of Chatham University, building its brand and building its trust with current students, current faculty members, and future students is massive. Having a brand is any business is a great advantage, and making it reliable creates more success for the business (Gallaugher, 2015). Chatham is trying to bring in more credible students into its undergraduate and graduate programs, and not deter potential students to other academic institutions . Successful phishing attacks are known to hijack a brand, which could be Chatham University, and cause current and potential users to lose trust and drop them for a nearby competitor. Using Wombat Securities, there would be no loss of current or potential students, and no loss of trust between the two. Reducing up to 90% of phishing attacks in previous adaptations of their technology, Wombat is not just protecting institutions software, but is protecting an overall business.
No comments:
Post a Comment