5 Tips To Help You Secure Cybersecurity Budget - COMTACT

1
(No Transcript)
2
SPEAK THEIR LANGUAGE

• Focus on business language, not technical
  metrics. In general, talking
• about risk and loss prevention is more convincing
  than overwhelming decision makers with
  cybersecurity data.
• Demonstrate the risk and potential impact of
  cyber incidents on your organisation. For
  example, the average data breach costs UK
  businesses around 3.5 million in 2021and that
  figure grew more than 20 from the previous year.
  Costs are naturally lower for smaller
  organisations but not much lower.
• Show how security can be a differentiator for the
  organisation. This is easier in some industries
  than others. If it isnt possible, show why it is
  an essential cost of doing business, e.g.,
  because the impact of a breach on customer trust
  would be devastating.

3
MAKE SECURITY AN ENABLER
Over the last two decades, cybersecurity has
developed a bad reputation as a function
that Costs money for no discernible business
benefit and, Actively blocks business progress
by delaying key initiatives. Lets be real.
Nobody wants to pump more money into a cost
centre and they especially dont want to pump
money into a cost centre that gets in the way of
revenue generating activities. You need to get
ahead of these stigmas. Always aim to demonstrate
how security can support business objectives and
initiativesnot block them. Similarly, when
asking for more budget, tie your request to
current business initiatives and priorities, and
show how youll enable them.
4
SHOW HOW EXISTING BUDGET IS SPENT

• Theres plenty of advice available on how to do
  this. Beyond the obvious
• performance metrics, here are a few things to
  consider including
• How security has enabled or supported key
  initiatives or objectivesa proven track record
  is always better than promises.
• Where security has supported improvements to
  business-critical metrics (e.g., selling more
  products online due to higher website uptime).
• Anecdotal evidence of specific incidents that
  have been prevented, along with the potential
  implications of failing to prevent similar
  attacks in future.

5
EXPLAIN WHAT EXTRA BUDGET IS NEEDED FOR

• This is one of those tips that sounds obvious
  but hardly anyone
• does it because they are too busy. It takes time
  to build a compelling argumentlet alone a
  business caseand most security teams already
  have precious little of that commodity.

6
FIND OUT WHAT SIMILAR ORGANISATIONS SPEND
BOenchNmarkinCg is YgeneBrally EgivenRmoSre
mEerit CthanUit desRerveIs. TIts oYne thing
to know what a competitor or industry peer is
doing, but if you dont know why the information
isnt useful. Regardless, executives and boards
typically place a high value on
benchmarkingparticularly if its provided
alongside other types of informationso its
worth including if it helps your business case.
As a (very) general rule, most organisations
spend between 10-15 of their total IT budget on
cybersecurity. If your organisation spends
markedly less, presenting this information to
your board or executive team can help make a case
for greater investment.
7
FOCUS ON WHAT YOU DO BEST
OMTACTS CYBERSECURITY CONSULTANCY PROVIDES YOU
WITH A CLEAR OVERVIEW OF YOUR ENTIRE
INFRASTRUCTURE. AS WE BUILD A DEEP UNDERSTAND OF
YOUR SPECIFIC REQUIREMENTS, WE MAKE
RECOMMENDATIONS THAT ARE TAILORED TO YOUR UNIQUE
NEEDS, ENSURING YOUR BUSINESS IS SECURE ACROSS
THE ENTIRE ATTACK SURFACE AND IN THE MOST
COST-EFFICIENT WAY POSSIBLE. We look forward to
working with you
Comtact Ltd. Rockingham Dr, Linford Wood, Milton
Keynes MK14 6LY comtact.co.uk