Why Setting a Recession-Proof Cybersecurity Budget Requires a Cybersecurity Framework

Cybersecurity is a growing concern for organizations across the world as threats increase. The global average cost of a single data breach is $4.35 million. Cyber threats and cyber issues are costly, both to a company’s financials and to a company’s reputation. A single data breach can wreck an organization’s rapport with its customers and reduce overall trust in the brand. Gartner forecasts  worldwide security and risk management spending will increase by 11.3% in 2023. Of this rapidly increasing security spending, zero-trust network access is a subset that is expected to grow by 36% in 2022 and 31% in 2023.

As we move into the new year, cybersecurity experts recommend that organizations build budgets driven by a zero-trust strategy—a framework for understanding the threats an organization faces. According to J.D. Harris, chairman and CEO of Ascent Solutions, a zero-trust framework is the only way to ensure a company’s cybersecurity budget is recession-proof.

“Zero trust is, by design, a flexible cybersecurity framework,” Harris said. “With a potential recession looming, organizations must build adaptability into their 2023 cybersecurity budgets.”

Harris said that organizations must follow three fundamental principles to ensure flexibility within a cybersecurity budget for 2023. Here are the initiatives every organization should prioritize: 

Set your sights on a framework, not a single system.

When planning a cybersecurity budget, Harris recommends starting with a framework, not with a technology plugin. More organizations are adopting zero trust as the foundation for their cybersecurity goals because it is uniquely adaptable. 

A zero-trust framework accounts for multiple key areas of concern in (and beyond) the cybersecurity landscape. Not only does it cover the company’s actual cyber risks, but it also can improve productivity and operations, reduce the total cost of ownership of a cybersecurity initiative, minimize the risk of revenue losses due to breaches, and bolster brand reputation overall. These business-critical functions can and will be affected by an organization’s cybersecurity and therefore must be considered within budget planning. Harris said this is why an organization cannot build a budget on a single-step security initiative, like buying a new technology or hiring a CSO.

Prioritize specific cybersecurity needs, don’t go for a blanket solution.

Under a zero-trust framework, organizations can identify specific cybersecurity needs unique to the company's threats and risks. This is a critical step in building both an effective and a recession-proof strategy because it ensures dollars aren’t wasted on blanket initiatives that won’t measurably improve the company’s security. Companies must first identify specific cybersecurity needs before setting a cybersecurity budget. For example, under a zero-trust framework, companies can learn to leverage existing technologies to serve specific cybersecurity needs more effectively. This drastically impacts a company’s overall budget because it can reduce the money spent on technology and maximize the impact of dollars already spent on tech solutions. Focus on the value you need to protect most. Prioritize the components of your business that will cost the most if they are lost. For some organizations, this may be intellectual property; for others, it may be customer information. Each organization will have different priorities.

Build a culture, not just a budget.

Ultimately, every cybersecurity initiative must be supported by overall organizational cultural changes. Companies must communicate security priorities from entry-level employees to the C-suite, and every team member must buy into the strategy. Team members need to understand the framework built for cybersecurity and the checks and balances with the system, like how the company will manage mistakes or how individuals can determine if they are on track with the organization’s security goals.

As you plan your 2023 cybersecurity budget, look first at your organization’s overall goals and then allocate funds. The only way to make your budget recession-proof is to ensure it is flexible. Building your cybersecurity budget on a zero-trust framework—with a clear understanding of the value your organization needs to protect—will yield the greatest security for your organization.

 

Image sourced from Shutterstock

This post contains sponsored advertising content. This content is for informational purposes only and not intended to be investing advice.

Market News and Data brought to you by Benzinga APIs
Comments
Loading...
Posted In: TechCybersecurityZen Media
Benzinga simplifies the market for smarter investing

Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.

Join Now: Free!