Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Tuesday, 28 March, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Getting Your IT Security Budget Right.

by The Gurus
January 22, 2019
in Opinions & Analysis
Getting Your IT Security Budget Right.
Share on FacebookShare on Twitter

By Alastair Hartrup, Global CEO of Network Critical

Every year for many technology organisations, seeing headlines on a daily basis with reports of data breaches and cyberattacks from all corners of the globe is highlighting the need to ensure they are protected. Board rooms and executive management are more aware of the need for effective cybersecurity today than they ever have been. This awareness is driving action as many organisations look at frameworks for guidance on building effective security programs and ensuring the right budget is set aside.

We know that a strict security regime, rigorous employee training and sound accounting policies can help prevent costly attacks. Yet, it is surprising how few companies are deploying robust cyber security mitigation and remediation processes. One big reason for this lack of security diligence is the difficulty in justifying the expense.

According to last year’s Hiscox Cyber Readiness Report, most businesses lack cyber-expertise to prevent attacks. The reason for this is first, a lack of investment in streamlined technologies and secondly, a shortage of talent is both barriers to fine-tuning data security programs.

The budget justification question for IT security is difficult to answer. How much is saved by not getting hacked? Well, if an event does not occur, it cannot be quantified. However, we can look at instances where companies with lax security policies that have been successfully attacked and extrapolate potential liability from their experiences.

According to the same report, the average cost of cyber-crime across the globe, amassing all incidents, to each business over the past year was £250,000. Behind this number masks some wide variations to businesses on the different scales. For the largest organisations in the report (those with 1,000-plus employees), the average costs ranged between £394,000 in Spain and £1.4 million in the US. Some organisations faced still higher costs – here in the UK and our neighbours Germany the cost was £25 million. These cybersecurity costs only increased throughout 2018 as cyber-crime numbers rose.

The Ponemon Institute’s 2017 Cost of Data Breach Study: Global Overview, highlighted regulated industries such as healthcare, education and financial organisation suffer higher data breaches.

In 2017, the WannaCry ransomware cryptoworm was one of the biggest cyber-attacks in the UK. The worldwide attack happened in May and targeted computers that were running Microsoft Windows OS by encrypting the data and demanding ransom payments in Bitcoin cryptocurrency. In the UK the most damaged business by WannaCry was the NHS, with over 80 practices in England alone being taking down. This resulted in almost 20,000 cancelled appointments, 600 GP surgeries having to abandon the use of their computers and five hospitals that could not accept any more patients due to the influx of emergency cases.

So, when a CFO asks what benefit network security and training can be brought to the company, it is the CIOs that oversees the accessibility, confidentiality and integrity of files and systems. Therefore, CIOs are responsible for securing and allocating budget.

Here are a couple of key components to ensure your security budget provides best practice for your business.

Understand your current systems

We recommend you consider investing in a full risk assessment, which includes vulnerability scans and an in-depth penetration test. Working with a reputable information security firm with proven business acumen will provide a stake-holder readiness report as well as a remediation plan from which you can derive budget numbers.

Understand regulatory bodies and compliance requirements

Many regulatory requirements, such as PCI, HIPAA, and the soon-to-be introduced GDPR pose a very real threat to the company bottom line in the form of fines. These regulations require data security implementations, regular penetration tests and system monitoring. Failure to comply can also lead to heavy fines and damage to brand.

Align your plan with the CFO’s vision

Since IT purchases can be costly, big time technology spending in one quarter versus another can mean the difference between a good year and a bad year for the entire company. I recommend aligning spending with the CFO and the calendar. Purchasing on a relatively even scale throughout the year makes forecasting easier for the CFO and limits any year-end surprises that may come about from overruns or unplanned purchases

Once budgets tend to get to the finalised stage it is also important to include access and visibility to the initial budget and plan. Taps and Packet Brokers are critical components providing the necessary security appliance connectivity and accurate visibility to network traffic. These relatively low-cost devices can actually save money overall by being able to combine traffic from multiple links and reduce the number of high cost security appliances that need to be deployed.

Taps and packet brokers can help keep your budget in line without compromising the protection provided by security appliances. They can also provide the scale necessary to grow without going off-budget. In both budgeting and design, diligent planning and disciplined execution can save, not cost.

FacebookTweetLinkedIn
ShareTweetShare
Previous Post

Plexal Bolsters Global Cybersecurity Hub With Two International Partnerships.

Next Post

Why Executive-Protection Teams Need Finished Intelligence.

Recent News

Synopsys discover new vulnerability in Pluck Content Management System

Synopsys discover new vulnerability in Pluck Content Management System

March 24, 2023
Dole Food Company

Dole confirms employee data was breached following February ransomware attack

March 24, 2023
call centre

MyCena Improves Customer Data Access Protection in Call Centers and BPOs

March 23, 2023
Blue logo, capitalised letters. SPECOPS.

Fortune 500 Company Names Found in Compromised Password Data

March 23, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information