Turning Cybersecurity from a Cost Center to Revenue Enabler

By Nick Carstensen, Graylog Product Manager – Security & Integrations

Cybersecurity always seems a little bit like an insurance claims department. The underwriters are a revenue center in an insurance company, while the claims department is a cost center. A lot of security teams feel the same way. Even when senior leadership knows that security matters, they often need to make critical decisions during the budget allocation process. However, securing the digital technologies that enhance customer experiences and employee productivity can be viewed as a revenue enabler. Security teams can change how the organization views its business value by refocusing the conversation and using centralized log management. 

Security Cost Centers

When organizations consider security a cost center, they usually focus on two main issues. 


Security tools are expensive. Often, companies find that the tools solve a single problem, but new gaps exist. This leads to purchasing more tools. Over time, the costs add up. Senior leadership starts to doubt the value of tools or no longer wants to spend money to fill a gap. 

On the other hand, many companies may not have the budget for more comprehensive security technologies, like Security Incident and Event Management (SIEM) tools. SIEMs come with hefty up-front costs, including the technology and the data storage. 

Beyond the technology costs that need to be calculated when implementing a SIEM, companies also need to consider the significant productivity and services costs. Often, they need to pay someone to help deploy a SIEM. Simultaneously, they need someone internal to help with the deployment. All of this increases the costs making these tools even more expensive. 


The cybersecurity skills gap may be closing, but the struggle is still real for many companies. IT teams tasked with monitoring security may have staff who can respond to help desk tickets but lack experience with cybersecurity.

Most security tools require specialized skill sets. Finding the right people with the right skills can cost money. For example, a security analyst with the skills to work with a SIEM may be from a Tier 3 to Tier 4 salary range of $100,00 to $135,000. Meanwhile, the average annual salary for a Tier 1 security analyst is closer to $70,000. 

However, these analysts specialized on the SIEM itself lack the time to do other security tasks on top of this. In the end, companies still pay for additional experts like people who can manage things like endpoints, servers, and other technologies. 

Cost Reduction Isn’t Revenue

Reducing costs increases profitability. Usually, cost reduction helps a company remain stable. Lowered costs with stable revenue increases profitability. While cost reduction keeps a company financially viable, it doesn’t lead to growth. The way to grow a company is to grow revenue, not just increase profitability. 

Most senior leadership members view security as a way to reduce costs and risk. This makes logical sense, given that their jobs are to manage those parts of the business. Shifting the conversation toward ways that security increases revenue is a more compelling argument for senior leadership. 

Centralized Log Management Turns Security into a Revenue Enabler

Security leaders who can prove that their teams generate revenue can change the conversation, especially when looking to get the budget necessary for the tools they need. A purpose-built centralized log management solution can streamline these conversations by solving these challenges and enhancing the overall customer experience. 

Customer Experience and Trust

Centralized log management is a cross-functional solution that drives enhanced security and customer experience. A centralized log management solution purpose-built to enable security, development, and operations teams delivers better internal and external customer experiences. 

Operations need to investigate downtimes and outages. Sometimes these are caused by security incidents. Often, they can trace them to a technology issue, like a server being offline or a bug in an application’s code. 

Centralized log management that streamlines activities for all three teams means that they can get to the root cause of problems faster. When all three teams work together, internal and external customers have a better overall experience. 

Further, by building security directly into these processes with an easy-to-use centralized log management solution, everyone can share information easily. This reduces the key security metrics like mean time to detect (MTTD) and mean time to investigate (MTTI) that protects customer information which builds trust. Companies that have a foundation of customer trust increase revenue and grow.

Secure Integration and Development

Nearly every company integrates multiple applications across its on-premises and cloud infrastructure. Some build applications for internal use or sell software. In either case, secure integration and development drives revenue in several ways. 

Securely integrating applications can drive sales pipelines and protect customer privacy, both of which generate revenue. For example, integrating sales and marketing tools can speed up the company’s sales cycle, increasing revenue. Securely integrating these tools protects customer information which increases customer trust. Similarly, secure development for internally used software provides the same benefits. 

For software companies, secure development is more important. Companies that fail to secure their technologies leave their customers – and themselves – at risk. For example, research found that companies experiencing a data breach had long-term stock price underperformance. After two years, the average share price fell by -11.3% and the stock underperformed the NASDAQ by -11.9%. Growing revenue is exponentially more difficult when the company needs to overcome a significant revenue loss at the same time.

Centralized log management gives security, operations, and development teams a way to collaboratively drive secure integrations and product development. Working together, they can detect potential data breach risks more quickly. With purpose-built centralized log management, they can enhance security in ways that support one another rather than being siloed. 

Shifting Towards a Better Solution: Log Management for Security

Using log management for security reduces costs. Companies can eliminate many of the security technology redundancies across their stack. However, from a business perspective, the real conversation should shift away from “cost reduction” to “revenue generator.”

Senior leadership teams need to meet their own metrics, ones that often revolve around time-to-market and customer growth. Upselling customers only happens when customers trust a company to deliver high-quality, secure services and solutions. 

Centralized log management can eliminate the traditional costs associated with security. Easy-to-navigate user interfaces and visualizations empower less experienced security analysts so that the organization can save money. More importantly, it builds security into the company’s entire culture – internally and externally – so that everyone can collaborate for enhanced service and revenue.

Nick Carstensen, CISSP is the product manager for Graylog Security and Integrations, Nick is a cybersecurity expert with more than 15 years of experience in the Security and the Log/SIEM Industry.

Follow Brilliance Security Magazine on Twitter and LinkedIn to ensure you receive alerts for the most up-to-date security and cybersecurity news and information.