Cybersecurity on a Budget

What to do when money is tight

I haven’t met a Chief Information Security Officer (CISO) yet, who hasn’t had to deal with tight budgets. It’s a normal state of affairs for security leaders. Even in industries that seem to throw a lot of money at cybersecurity, there are limits to how much money is available to spend, and no limit to the cybersecurity needs of an organization.

Being able to deal with the ups and downs of budgets is an important skill for security and business leaders. Because money is just math, it’s time to sharpen your pencil and get down to really understanding two things: how to increase the amount of money you get, and how to reduce the amount you spend.

Increasing Cybersecurity Income

Finding enough money to run a program the way you want can be a full-time task for even the most talented cybersecurity leader. No one has full control of their income stream, and the changeable nature of our risk profiles, industry influences, laws and regulations, and culture, can all influence what is available, and when. Consider:

Traditional Budgets

Most of us walk into a cybersecurity leadership role with some kind of budget, usually tied to the ongoing operations of the team we inherit. The budget is usually…