How FinOps Can Help Cyber Security Vendors Rein in Cloud Costs

Sep 19th, 2022
How FinOps Can Help Cyber Security Vendors Rein in Cloud Costs
URL Copied

The unprecedented drive to cloud-native computing architectures of recent years has entirely redefined attack surfaces amidst a growing threat of data breaches. The cybersecurity sector continues to see tremendous growth as a result, as businesses seek out dependable partners to protect their mission-critical assets and, at the same time, scale and adapt to the constantly evolving needs of their clients.

Although the demand for cybersecurity vendors has never been higher, and the opportunities never greater, keeping cloud spend under control is also becoming a major burden for such a data-heavy sector. Many cybersecurity vendors work with enormous and constantly growing data sets. For example, SIEM vendors must deal with the fact that every endpoint in a client’s environment generates a constant flow of events. Security data must be collected from dozens or even thousands of endpoints, either from agents installed on individual devices or via API calls. At the same time, highly scalable data lakes often play a central role in the process by serving as centralized repositories where all security data is collected and stored for analysis.

Today, cybersecurity primarily lives in the cloud, spanning processes that generate thousands of API calls and access requests every minute and ever-expanding data sets that need to be protected and constantly analyzed. Because of this, many cybersecurity vendors build their products and services on cloud architecture, which their clients, in turn, depend on to safeguard their organizations.

Not only is this a massive responsibility for cybersecurity vendors; it’s also a major cost center, if not the biggest one of all. Thus, in order to remain competitive and keep cloud costs under control amidst soaring demand, it’s imperative that cybersecurity vendors have total visibility into their cloud costs. They must be able to immediately answer the question of how much a particular client costs to onboard and maintain, as the return on investment might not always be as expected. For example, perhaps a particular client is no longer profitable due to their having a growing cost burden on your cloud footprint. As usage grows, so too does the risk of losing control of the cloud costs involved.

Such challenges are multifaceted, and the reach of these issues touches different departments. Finance leaders in cybersecurity companies want to know exactly why their cloud costs are going up. Is it because they’re taking on more clients? Or is it because their clients are upgrading to higher service tiers? FinOps aligns departments and ensures that they can answer these questions and more.

Consider the engineering teams that are tasked with implementing solutions to  accommodate client needs while at the same time ensuring that they meet budget demands and remain profitable. However, if they lack the accountability that a FinOps culture provides, then they’re less likely to build and implement an architecture that’s profitable and sustainable.

Let’s consider an example in which a cybersecurity vendor bases its architecture on Amazon Web Services. Two of the most popular AWS services are Lambda and Elastic Cloud Compute (EC2), both of which offer users scalable computational resources, but are certainly not meant to be interchangeable. 

When it comes to cloud cost management, AWS Lambda charges you based on the number of requests for a given function and the duration it takes for your code to execute. This makes it a popular choice for frequent event-triggered operations. However, while this gives you a highly granular degree of access to on-demand infrastructure, even down to the millisecond, costs can quickly spiral out of control if your code is taking too long to execute. 

If a particular client sends more requests than previously anticipated, there may reach a tipping point at which they are no longer profitable. Perhaps a problem spans all your clients, which might point to an issue with a particular function or transaction. In either case, having full visibility into your cloud spend, broken down by client, team, function, and application, can help you identify the root cause. With these insights, your engineering teams will be empowered to improve the efficiency of their architecture.

EC2, on the other hand, gives you access to an entire virtual machine, complete with an operating system. EC2 is ideal for various cybersecurity use cases, such as hosting applications for clients, developing test environments for new apps, or creating failovers for critical operations. However, EC2 instances are charged per hour of uptime, even when they’re idle. That means, if you have EC2 instances running apps for clients that are underutilized or not being shut down when they should, you’re likely wasting money.

Of course, most cybersecurity vendors need greater visibility into their cloud costs than simply breaking down those directly associated with major vendors like AWS or GCP. They also need visibility into things like containerized apps in Kubernetes and any other systems they might use. Many vendors also use data warehousing solutions, like Snowflake, for storing data for security analytics and SIEM, in which case they’ll also need visibility into data storage costs on a more granular basis, such as per client, per time period, or per application.

Having complete visibility into cloud costs also helps sales teams by giving them the insights they need to need to give the best pricing offer based on their anticipated usage.

Implementing a FinOps culture across your organization, in which all teams take ownership of their cloud use, can empower teams to answer vital questions and enable a data-driven approach to continuous optimization. Supported by a single platform for managing all their cloud costs, they can attain a granular view of their infrastructure costs using the KPIs that matter to them, such as the cost per customer, feature, or transaction. That way, engineering, finance, procurement, and sales teams can collaborate on data-driven spending decisions in order to reduce costs and, ultimately, achieve a more sustainable business model.

In an often unpredictable and rapidly evolving world like cybersecurity, these are great benefits to have on side.

Read about Finout's case study with Hunters - one of the fastest growing cyber security companies today 

Main topics