Prepare for the Unexpected: Costs to Consider in Security Budgets

Organizations that update business models to include cybersecurity as part of a strategic planning process may be able to better withstand unexpected disruptions.

The year 2020 catapulted cybersecurity from a technology problem to a business issue. Now, when organizations plan for digital transformation, leading with security is the norm. As it’s now top of mind for business and technology leaders, cybersecurity should be a significant part of every budget — factoring in necessities such as tooling, consulting services, training, updates, new licensing, and even an insurance policy.

However, as budgeting traditionally occurs in silos, security leaders are still concerned the committed spend will not be sufficient. A recent AT&T Cybersecurity poll showed that nearly one-third (28%) of cybersecurity professionals are concerned about the prioritization of security investments.

As we near the end of the year, a time when security budgets are often reassessed, let’s take a look at common direct and indirect security costs — and how organizations can get smart with their security spending.

The Direct Costs: Planning for Unexpected Disruptions
One of the most frequently overlooked direct cybersecurity costs is what organizations have been experiencing since early 2020 — the unexpected disruption and associated expenses as a result of the pandemic. In March 2020, when homes became offices and employees became remote workers, organizations struggled with unexpected cybersecurity expenses such as basic cybersecurity training, extra VPN licenses, extra licenses for secure email gateways, additional managed security services, and other typical cybersecurity budget line items.

Other unexpected, but real, disruptions include a cyberattack and its necessary remediation, unexpected business growth — either organically or through acquisition, and rapid change to accommodate competitive business initiatives.

Planning and budgeting for such disruptions is something a well-organized and strategic company considers as an unknown reality on a yearly basis. Organizations should use a strategic planning process to determine possible events that are likely and unlikely. Understanding where business risk may creep in over the course of the year helps organizations have a realistic budget that can help to successfully survive disruptions.

Failure to plan for the unexpected disruption can have dire consequences. For example, some businesses experiencing erosion from more nimble competitors could not adapt during the pandemic. Among other issues, the switch to everything remote, virtual, and touchless accelerated the decline of these businesses. Formerly stalwart brands have either gone out of business completely or are in restructuring mode.

The Indirect Costs: Crisis Management
On the other side of the coin lie indirect security costs. The most overlooked indirect cybersecurity cost is directly related to unexpected disruption: crisis management. In the event of an unexpected disruption, organizations may have to enlist the help of crisis experts such as outside cybersecurity professionals for remediation of an issue, the last resort of payment for a ransomware attack, or other crisis expenses.

Many organizations fail to think about a crisis situation and its remediation tactics. Planning for a crisis is not a failure — it’s being realistic and strategic. Failing to plan for a crisis as part of an unexpected disruption can cause significant impact to the business including the loss of customer loyalty, shareholder confidence, tarnishing of the brand, and ultimately, the business. While it’s true that planning for a crisis may cost a company more day-to-day (depending on the amount of work done, the industry and the geographies to be covered), it is still far more cost effective than being unprepared in a crisis, which can cost up to millions of dollars in mitigation and potentially hundreds of millions in reputation and shareholder value.

Cybersecurity is no longer an isolated technical team or issue; it’s a business enabler. Organizations that update business models to include cybersecurity as part of a strategic planning process may be able to withstand unexpected disruptions better than organizations that view cybersecurity as simply a technical problem to be solved.

Theresa Lanowitz is a proven global influencer and speaks around the world on trends and emerging technology poised to help today’s IT organizations flourish. Prior to joining AT&T Cybersecurity, she founded industry analyst firm voke, to highlight emerging technologies and … View Full Bio

 

Recommended Reading:

More Insights

Related Posts

Comments

  1. 544689 681643Thank you, Ive recently been looking for information about this topic for ages and yours could be the greatest Ive discovered out so far. But, what in regards to the bottom line? Are you confident concerning the supply? 820046

  2. 120083 108185There is clearly a great deal to know about this. I believe you produced various very good points in capabilities also. 437832

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Stay Connected

21,935FansLike
2,507FollowersFollow
0SubscribersSubscribe

Recent Stories

Guthrie County Supervisors Will Continue to Discuss Budgets – raccoonvalleyradio.com

The Guthrie County Supervisors will meet today.  The Board will discuss the fiscal...

Governors turn to budgets to guard against climate change – WSLS 10

SACRAMENTO, Calif. – Their state budgets flush with cash, Democratic and Republican governors alike want to spend some of the windfall on projects aimed...

Georgia General Assembly begins hearings for 2022/2023 budgets – wgxa.tv

Georgia General Assembly begins hearings for 2022/2023 budgets  wgxa.t

At many churches, pandemic hits collection plates, budgets – Fox Business

Check out what's clicking on FoxBusiness.com. Biltmore United Methodist Church of Asheville, North Carolina, is for sale. Already financially...

Governors turn to budgets to guard against climate change – Spectrum News 1

SACRAMENTO, Calif. (AP) — Their state budgets flush with cash, Democratic and Republican governors alike want to spend some of the windfall on projects...