* [Blog](https://www.paloaltonetworks.com.au/blog)
* [Palo Alto Networks](https://www.paloaltonetworks.com.au/blog/corporate/)
* [Cybersecurity](https://www.paloaltonetworks.com.au/blog/category/cybersecurity-2/)
* The True Cost of Cybersec...

# The True Cost of Cybersecurity Incidents: The Solution

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2F2021%2F07%2Finvesting-in-cybersecurity-now-can-save-money-later%2F)  
[](https://twitter.com/share?text=The+True+Cost+of+Cybersecurity+Incidents%3A+The+Solution&url=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2F2021%2F07%2Finvesting-in-cybersecurity-now-can-save-money-later%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2F2021%2F07%2Finvesting-in-cybersecurity-now-can-save-money-later%2F&title=The+True+Cost+of+Cybersecurity+Incidents%3A+The+Solution&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com.au/blog/2021/07/investing-in-cybersecurity-now-can-save-money-later/&ts=markdown)  
\[\](mailto:?subject=The True Cost of Cybersecurity Incidents: The Solution)  
Link copied  
By [LeeAnne M. Pelzer](https://www.paloaltonetworks.com/blog/author/leeanne-m-pelzer/?ts=markdown "Posts by LeeAnne M. Pelzer")  
Jul 02, 2021  
5 minutes  
[Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown)  
[Data Security](https://www.paloaltonetworks.com/blog/category/data-security/?ts=markdown)  
[Data Security](https://www.paloaltonetworks.com/blog/network-security/category/data-security/?ts=markdown)  
[Web Security](https://www.paloaltonetworks.com/blog/category/web-security/?ts=markdown)  
[Cost of Cybersecurity](https://www.paloaltonetworks.com/blog/tag/cost-of-cybersecurity/?ts=markdown)  
[cybersecurity](https://www.paloaltonetworks.com/blog/tag/cybersecurity/?ts=markdown)

This post is also available in: [日本語 (Japanese)](https://www.paloaltonetworks.com.au/blog/2021/07/investing-in-cybersecurity-now-can-save-money-later/?lang=ja "Switch to Japanese(日本語)")

# Proactively Investing in Cybersecurity Now Can Save Money Later

***This is the second blog in a two-part series, breaking down the cost of dealing with an incident versus the cost of investing in cybersecurity to prevent an incident. Learn the value of cybersecurity and how to invest your money wisely.***

## Power-Up Your People

When it comes down to people, process and technology, people will always be the weakest link in an organization's metaphorical security fence. Your organization may have the most detailed, security-forward processes and top-notch technical solutions, but if your workforce is not appropriately trained, your security might as well be non-existent. Equip employees with polished, emerging and industry-relevant cybersecurity training materials. Gone are the days when a simple handout or outdated PowerPoint deck is sufficient. Instead of issuing an annual training, or one that must only be completed when an employee is first hired, ensure that security awareness is built into your organization's culture. Require a new module to be completed monthly. Run frequent phishing campaigns. Create excitement by offering small incentives for folks who successfully report malicious emails. Investing in cybersecurity awareness and overall knowledge of your workforce is the number one way to elevate your long-term security posture.

## Understand Your Regulatory Requirements

Take the time to understand what regulatory requirements must be met by your business. If your organization becomes the victim of a cybersecurity attack, claiming ignorance will not save you from the monumental fines associated with regulations such as CCPA and GDPR. If your business has an especially complex environment with a large amount of customer information or Personal Health Information (PHI), it may be worth hiring a Chief Privacy Officer or [vCISO](https://www.paloaltonetworks.com/resources/datasheets/unit42-ds-vciso). This individual should specifically focus on ensuring that customer data is appropriately protected, and that all applicable regulatory requirements are fulfilled by the business.

## Practice, Practice, Practice Incident Response Procedures

They say that "practice makes perfect," and Incident Response is no exemption to this rule. There is a savings of approximately $2,000,000 on average when comparing the data breach costs of an [organization that tested their Incident Response Plan](https://www.ibm.com/security/digital-assets/cost-data-breach-report/#/pdf) versus those who did not complete testing.

However, many organizations end up building the car while they are driving down the highway at 100 miles per hour. They are hit with an incident and no one has any idea what to do:

* *The Incident Response Plan hasn't been updated in three years.*
* *No one's phone number is accurate.*
* *Cybersecurity insurance was never set up.*
* *Reporting requirements are not defined.*

The possibilities of how things can go wrong are truly endless.

Triaging a cybersecurity incident is an incredibly stressful experience. Alleviate some of that stress and save money by testing your Incident Response Plan via Tabletop Exercises or interactive scenario-driven sessions, at least two times a year. Make sure to include a "Lessons Learned" hot wash after any testing exercises to identify what Incident Response methods worked well, and what could use some work. Finally, take action and ensure proposed enhancements or changes to current Incident Response processes are updated within the [Incident Response Plan](https://start.paloaltonetworks.com/incident-response-plan-webinar.html) and associated policies.

## Know Your Weaknesses

You can't protect yourself against the threats that you do not know you are susceptible to. Execute an annual [cybersecurity risk assessment](https://www.paloaltonetworks.com/unit42/risk-compliance/cybersecurity-risk-assessment) across your organization, accounting for people, process and technology. Consider leveraging an external vendor that specializes in conducting in-depth cyber risk assessments against a respected industry framework, such as the National Institute of Standards and Technology (NIST) and Cybersecurity Framework (CSF). Identified risks should be associated with an in-depth recommendation that can be implemented to either fully remediate or mitigate the associated risk. In most cases, findings and recommendations are accommodated by a priority designation or strategic implementation roadmap---these are invaluable tools you can use to determine how to make the most impactful mark on your current security posture.

## Don't Get Caught Without Viable Backups

As mentioned earlier in this report, ransomware was the number one compromise method of 2019. Without viable backups, you are quite literally putting the livelihood of your business into the hands of cyber criminals. According to [Unit 42's 2020 Incident Response \& Data Breach Report](https://start.paloaltonetworks.com/cybersecurity-threat-report.html), an increasing number of incidents have included the deletion or disablement of backups. Regularly create and test [backups](https://start.paloaltonetworks.com/best-practices-backing-up-data.html). Be intimately familiar with the backup restoration process. And most importantly, ensure that backups are stored off-network and are protected by appropriate security measures, so threat actors cannot gain access and disable or delete backups to prevent recovery.

## Bring in the Experts

You don't have to do it all alone. [Engaging a cybersecurity consultant](https://start.paloaltonetworks.com/contact-unit42.html) or external partner is a great way to introduce security-specific expertise into your organization. Cybersecurity consultants are often privy to best practices and industry trends of the moment, so they will be able to offer new insights regarding what is currently working in the field. Forming relationships with outside experts will equip you with a strong network to tap into whether you are looking to bolster your organization's security solutions or just gain an outside perspective regarding industry best practices.

## Final Thoughts

Breaches are expensive, and likely more expensive than you thought they would be. While the up-front costs of proactively investing in cybersecurity capabilities may seem expensive, they are likely to save organizations significant amounts of money in the long run. Strategic proactive cybersecurity investments are imperative for organizations that wish to flourish in today's complex and dangerous cyber landscape.

To get help preventing and combating cyber incidents, contact the[Unit 42 Incident Response team](https://start.paloaltonetworks.com/contact-unit42.html).

Read the first part of this series, [The True Cost of Cybersecurity Incidents: The Problem](https://www.paloaltonetworks.com/blog/2021/06/the-cost-of-cybersecurity-incidents-the-problem/).

## Resources

[Cost of a Data Breach Report 2020](https://www.ibm.com/security/digital-assets/cost-data-breach-report/#/pdf)

[2020 Unit 42 Incident Response \& Data Breach Report](https://start.paloaltonetworks.com/cybersecurity-threat-report.html)

[Best Practices to Backing Up Data](https://start.paloaltonetworks.com/best-practices-backing-up-data.html)

[Key Considerations When Building a Formal Incident Response Plan](https://start.paloaltonetworks.com/incident-response-plan-webinar.html)

*** ** * ** ***

## Related Blogs

### [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Data Security](https://www.paloaltonetworks.com/blog/network-security/category/data-security/?ts=markdown)

[#### The True Cost of Cybersecurity Incidents: The Problem](https://www.paloaltonetworks.com.au/blog/2021/06/the-cost-of-cybersecurity-incidents-the-problem/)

### [AI and Cybersecurity](https://www.paloaltonetworks.com/blog/security-operations/category/ai-and-cybersecurity/?ts=markdown), [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Data Security](https://www.paloaltonetworks.com/blog/category/data-security/?ts=markdown), [Incident Response](https://www.paloaltonetworks.com/blog/category/incident-response/?ts=markdown), [Reports](https://www.paloaltonetworks.com/blog/category/reports/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown)

[#### The Case for Multidomain Visibility](https://www.paloaltonetworks.com.au/blog/2025/10/case-for-multidomain-visibility/)

### [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown), [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Data Security](https://www.paloaltonetworks.com/blog/category/data-security/?ts=markdown)

[#### Cloud Native Security for the Healthcare Industry](https://www.paloaltonetworks.com.au/blog/cloud-security/cloud-native-security-for-the-healthcare-industry/)

### [Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown), [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown)

[#### Get Your Copy of the Cybersecurity Career Guide: Who Works in Cybersecurity, How We Got Started, Why We Need You](https://www.paloaltonetworks.com.au/blog/2018/09/get-copy-cybersecurity-career-guide-works-cybersecurity-got-started-need/)

### [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [News of the Week](https://www.paloaltonetworks.com/blog/category/news-of-the-week/?ts=markdown)

[#### Palo Alto Networks News of the Week -- January 28, 2017](https://www.paloaltonetworks.com.au/blog/2017/01/palo-alto-networks-news-week-january-28-2017/)

### [Application usage \& risk report](https://www.paloaltonetworks.com/blog/category/application-usage-risk-report/?ts=markdown), [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Events](https://www.paloaltonetworks.com/blog/category/events/?ts=markdown)

[#### A View Into the Cyber3 Conference -- Crafting Security in a Less Secure World](https://www.paloaltonetworks.com.au/blog/2015/11/a-view-into-the-cyber3-conference-crafting-security-in-a-less-secure-world/)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com.au/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language