By: Kim del Fierro
What’s the single biggest issue facing security teams today? I nominate phishing, with damage expected to reach $6 trillion by 2021. Countless companies offer security solutions, but customers are still being hacked and continue to suffer towering cybercrime losses.
That means whatever security solution they buy, customers are still not able to meaningfully counter or prevent cyberthreats. In fact, they commit to security contracts running three to five years, spending six or seven figures annually.
But they still don’t get what they pay for.
Security vendors who don’t deliver value on their promises are not accountable. That means security needs to make a paradigm shift. What’s needed is a comprehensive, accountable, value-based approach to cybersecurity.
Today’s Security: fragmented when it should be comprehensive
Why are security vendors not delivering value for their customers’ investments? One major shortfall is lack of comprehensive protection. While phishing attacks come across email, web, and network vectors, existing solutions cover only email, leaving the others unprotected. Additionally, phish—which are targeted and low in volume—continuously evade defenses such as email filters, which are built to catch high-volume, fast-moving spam emails. Thus, phish carrying malware and phony web links keep landing in the inbox, where even educated users can click on them, or respond to a BEC request by providing sensitive data or company assets to a hacker.
Customers who purchase security solutions expect them to end phishing attacks. When cyberattacks continue to march through defenses and land in inboxes, those customers are not getting accountable value for their investment. Instead, they risk losing major assets and market stature.
Applying the Amazon and Google cloud value-based model to cybersecurity
Amazon and Google pioneered the evolution to value- and utility-based pricing, in which customers pay only for what they use, and for results obtained. The “pay-as-you-go” pricing approach has revolutionized the Internet business model.
Now, Area 1 Security offers customers a pay-for-performance option called Pay-Per-Phish. Customers receive comprehensive anti-phishing protection often deployed in minutes and only pay for the phish we catch. Pay-Per-Phish establishes a metrics-driven assessment of what is caught, ensuring that you, the customer, receive a return that is specific and consistent with business goals.
This contrasts dramatically with traditional security models of buying major infrastructure, and then installing it in data centers. Under the old model, customers are left to pay long-term subscriptions and hardened contractual commitments—whether or not that investment delivers value.
Is your security vendor accountable? Measure their value by the cloud model
Unless your security vendor is helping you free your business from the burden of phishing attacks and scams, it is not delivering a return on the investment you made. Pay-Per-Phish is engineered to deliver accountable anti-phishing security. The service is preemptive, cross-vector, and comprehensive. There’s no time commitment. You’re always in control, and you pay only for value received. Pay-Per-Phish is proof of how Area 1 Security technology sets a new standard for the industry with the first and only accountable, performance-based protection to stop phishing attacks.