Security teams could get a whole lot more bang for their buck if CISOs spent their budgets more strategically. A recent study by RAND Corporation pinpointed a number of areas that IT security can adjust to reduce the overall cost of managing risk in the enterprise. Costs across the next decade are on track to rise 38 percent over the next 10 years for most organizations. When organizations are able to reduce software vulnerabilities in half, they can cut the cost of cybersecurity by a whopping 25 percent. The cat-and-mouse game between security researchers and advanced attackers yields a sort of half-life of effectiveness for detection-based security technology.”]
Source: https://www.darkreading.com/attacks-breaches/3-keys-for-more-effective-security-spend