Today’s cybersecurity executives have a lot of choices in how they wish to purchase and consume products and services.

The traditional approach of a large up-front capex investment in perpetual licenses works for some organizations, but many are looking towards managed services to reduce their up-front costs and move the overhead of managing the solution to a provider that can efficiently deliver results.

Very few security teams can boast of being fully staffed, but even so, given the propensity of security risks to multiply, those lucky few teams will soon find themselves under water as well.

Justifying a move to a managed service requires a realistic review of your infrastructure costs, operational support costs, staffing costs, and intangible costs. You should look at those costs over at least three years. You may not own the budget for some of this, so it will require a little bit of investigation, but it is a very valuable exercise.

Here are some examples of the costs that you will want to consider:

It’s easy to forget about infrastructure costs especially if it is handled for your IT team. You’ll need to do a bit of digging here to come up with your costs, but this is an important part of the justification. Make sure that you consider growth in your calculations since environments tend to grow over time and resource requirements may change.

 Infrastructure Costs
Description Traditional Perpetual Model Managed Services
Servers $10k – $40k yr. Included
Database Licenses $20k – $30K yr. Included
Backup Software $200/server yr. Included
Virtual Infrastructure Depends on provider Included
Antivirus, Malware Tools $100 – $200 yr. Included
Dev/Test Environments See Server and Database above Included
Power/Facility Costs $100-$120 per server yr. Included


Now that you have calculated the cost of infrastructure, we’ll turn to the cost (Read more...)