That’s what happened to health insurance giant Anthem in 2015. The company initially reported that 37 million records had been compromised, only to revise that number upward three weeks later to nearly 79 million. Investigators eventually determined that intruders had been inside Anthem’s network for nearly a year.

It’s clear that intrusion detection and prevention systems (IDPS) can be an important component of an organization’s multilayered security strategy, providing insight that access prevention devices at the perimeter can’t deliver. When making a purchase, organizations should look beyond the sticker price, which is typically a fraction of the long-term cost of operation. Buyers should evaluate indirect costs such as time to implement; hiring; retention expenses; and the impact of not setting up the technology properly, increasing an organization’s chances of a security breach.