5Cs of Cyber Security

Physical and logical Cyber security is the topmost priority for most enterprises today. The risk management plan for Cyber security is as essential as having a sales and financial strategy in the Organization. However, security rarely contributes to the bottom line of an organization as such as Chief Security Officers

(CSOs) and Chief Information Officers (CIOs) must find ways to ensure that their functions contribute as much as possible while consuming a minimum number of resources. Each successful organization in today’s world is constantly checking how things can be done better at a lower cost.

Let’s look at the 5 Cs of Cyber security and understand how they work, 


Today Organizations face constantly changing pressures from multiple sources such as Competitive threats, financial uncertainty, technological shifts, business risk, etc., Globalization and technological improvements have been enabled new business models and competitors to make a necessary change overnight. The ability of businesses to respond to effectively changing these pressures can be in itself a source of sustainable competitive advantage.


Corporate governance, risk management, and compliance with policies and regulations are in crucial focus for most of today’s enterprises. It’s not only enough to express intent to follow regulations and policies, but the organizations must ensure to measure and transparently keep reporting on how completely they are being followed and updated on a regular basis.

And the efforts to ensure consistent experiences for customers and to get more efficiencies from standardization are often competing with insiders or Employees of the enterprises whose sense of privilege or creativity conflicts with the corporate standards. Correspondingly, many organizations have invested huge amounts of resources in auditing and assurance services to ensure compliance with standards and to evaluate controls of the organizations.


It is sometimes impossible to deliver high levels of value without even addressing the cost structure for operating the services the organization needs. Software and hardware are purchased with sufficient capacity to handle the present and future needs of the organization. The equipment is installed, powered, and maintained with several internal resources. But very often excess resources exist in the host computers and within each machine that is operating the client software. When we sum up the total cost of ownership, we will most likely be quite surprised and less than amazed.

But whereas, The SaaS-based Security as a Service model provides an excellent alternative to the traditional options which will allow organizations to focus on their core business.  


Organizations regularly spend hundreds of thousands of dollars on high-end model computers, backup power services, and disaster recovery locations to create capacity to recover in their physical security platforms. These measures are not only expensive but they are often dependent on internal computer networks that are likely to be severely suffered by any form of a massive disaster.

If employees cannot get to the machines that operate the security platform, all the redundant measures will more than likely be useless.

But the SaaS model provides numerous answers for these types of critical challenges. Multi-tenant SaaS model services are normally hosted in highly reliable data centres with built-in redundancy. The best providers also employ separate disaster recovery centres to restore full operations if the primary centre is disabled. Redundancy in the communication path is built into the SaaS model due to the Internet’s capability to send information via a large number of routes.  


Today’s Organizations often find the best way to accelerate profitable growth is through geographic expansions. The expansion comes with significant challenges, risks, expenses, etc., Management teams sometimes will be extended a bit further. Solutions that provide good results in one location or at a small campus can become troublesome when multiplied for many geographically across the enterprise. Typically, types of installations expose the vulnerabilities, complexities, and hidden expenses of traditional client/server solutions.  

Security as a Service solution provides very clear benefits for organizations with different locations across the world. The low initial costs setup and wide ability of SaaS solutions give organizations access to world-class technologies with an economic model that promotes expansion instead of restricting it.  

The centrally hosted SaaS model provides all the central oversight and management needed in fully functioning organizations without requiring to invest in costly services in dedicated infrastructure.


As discussed above, Change, Compliance, Cost, Continuity, and Coverage; are all fundamental considerations for an organization. It is also different in the nature of software and the interaction with it.

So, the SaaS setup changes the relationships with software providers by creating a mutual dependant environment. No organizations expect a customer to continue to pay for a solution that is not providing value to their enterprise.

The Software as a Service (SaaS) model creates a vendor relationship from the very start and places the consumer in a more powerful position.

By Michael

Writer of Infohaunt is an Cyber Security Professional have experience in SOC operations, Threat Management, Incident Response, Threat Hunting, Digital Forensics.