How to get more for your security dollars

In this episode of the EY Microsoft Tech Directions podcast, we discuss the benefits of simplifying security and how best to spend money doing so.

EY and Microsoft logo

Susannah Streeter welcomes Dave Burg, EY Americas Cybersecurity Leader, and Kelly Bissell, CVP, Microsoft Security Solution Services, to discuss how and why to simplify security in the most cost-effective way possible.

Underperforming and needlessly complex security systems aren't just a drain on day-to-day budgets, they can also open the back door to cyber criminals. The benefits of simplifying security are significant.

The numbers are startling. In 2022 alone, the average data breach cost increased to $4.35 million, an all-time high. With the economic downturn looming and budgets coming under increasing pressure, it's an ideal time to start streamlining security to find efficiencies and greater protection. But embarking on this process won't come without challenges, not least persuading those in charge of security at the C-suite level, to adapt to new ways of working. 

They may have become used to relying on a web of tools thinking that the more complex the defence, the better it is. It's hard to break old habits, but complexity doesn't necessarily spell greater cyber protection. 

Spending smart is often better than spending big. So what does that mean in practice? Just how does security simplification help to detect threats quickly, minimize risk, and strengthen security posture? How has security changed over the decades? And what does the future hold? 

Key takeaways:  

  • In an environment where some organizations waste significant portions of their IT and security budget on redundant, underperforming, and complex security tools, improving the portfolio is a critical lever in increasing the value delivered to the business.
  • It is important to build a proper business case and multiyear security technology strategy. Focus on outcomes that are most closely aligned with your organization's risks and business strategy.
  • CISOs should move as quickly as they can on a simplification approach. If they don't, management will ask someone else to do it. Be ready to do more with less.

For your convenience, full text transcript of this podcast is also available.


Kelly Bissel

CVP, Microsoft Security Solution Services


Episode 11


37m 19s