Responsibly Defend Cybersecurity’s Budget

Though the cybersecurity function is as crucial as ever, recession, inflation and widespread layoffs have many teams facing serious budget cuts. Still, there are steps you can take to defend your cybersecurity program’s budget. A recently released report from Gartner provides guidance for cybersecurity teams looking to maintain their budget by speaking to the priorities they share with executive leadership.

In this report, we feel that Gartner emphasizes the importance of speaking in language that executive management understands.

Where cybersecurity professionals tend to be motivated by technical achievements and program improvements, executives care about what you do with the money you’re given and how your actions impact tangible business outcomes.

The report covers the following three answers for protecting cybersecurity budget from cuts caused by inflation, recession, layoffs and other economic headwinds:

• Benchmarking cybersecurity staffing, spending and maturity to peers: Executive management and the board of directors frequently ask how their organization’s cybersecurity spending and maturity compares to industry peers. Proactively benchmark your cybersecurity program and develop a compelling narrative that explains and justifies your resourcing needs.
• Demonstrating the link between security spending and business outcomes: Cybersecurity is a cost center and, therefore, a potential target for cost-cutting measures. Educate executive leadership on how cybersecurity supports and defends tangible business outcomes, such as revenue generation, cost savings, strategic initiatives and brand protection.
• Formalizing cybersecurity strategic planning: While cybersecurity budgets are currently stable, economic headwinds could put cybersecurity funding and staffing at risk in the future. Cybersecurity leaders should proactively formalize their strategic planning process and provide greater transparency and clarity to leadership on how resourcing decisions are made.

We believe,  the recent Gartner report offers value to teams whose budget has fallen under scrutiny and need to begin communicating better with executive leadership. Though most organizations will need to contend in some way with the challenges of the contemporary economy, it is possible to make a strong case for maintaining cybersecurity spend while tightening your budget elsewhere.

Gartner, Quick Answer: How to Responsibly Defend Cybersecurity’s Budget During Economic Headwinds, William Candrick, Richard Addiscott, 12 April 2023.