Hands Off the Security Budget! Find Efficiencies to Reduce Risk

CXOs looking for ways to tighten their belts may be forgiven for taking a long look at their security budgets, as Gartner forecasts spending on security technology and services will grow annually at 11% over the next four years. If the frequency and cost of ransomware and other cyberattacks don't give them pause, rapidly evolving regulatory and compliance requirements should. As a result, many executives are examining ways to streamline and reprioritize, rather than reduce, their security budgets. The toll of all breaches keeps rising - Ponemon reports the average breach now costs $4.45 million, an increase of over 15% since 2020. The true cost of a ransomware attack can far exceed the actual ransom. As a result, rather than cutting security budgets, 51% of organizations plan to increase security investments, especially for incident response planning and testing, employee training, and threat detection and response tools. Game-Changing Regulatory and Compliance Requirements The Securities and Exchange Commission's recently announced cybersecurity disclosure and reporting regulations should also serve as a wake-up call for many companies. Further, organizations must publish their cybersecurity risk management, strategy, and governance approaches in their annual reports. The business costs for regulatory noncompliance are also becoming more significant, as companies should expect increased fines or sanctions. Organizations without effective, well-coordinated, and compliant security responses may experience reputation damage, customer loss, and lower stock price valuations. These regulatory changes suggest increased security spending rather than budget cuts. Organizations will need to revamp processes, toolkits, and reporting protocols to improve cybersecurity threat response and their level of security expertise. A detailed infrastructure audit can uncover opportunities to reduce or reallocate spending. The rapidly changing security landscape means that last year's funded priorities may not deliver the same results in next year's budget. Prioritizing and funding the top issues can help reallocate security funding for the greatest impact. Moving to the cloud can lower infrastructure costs, reduce management requirements, and speed applications development and rollout times. Cloud migration can also reduce capital and human resource costs. Integrating network operations center and security operations center functions can optimize resource utilization and lower costs. Security Remains a Top Priority While organizations search for ways to cut costs in an uncertain economy, they also face more frequent and destructive cyberattacks and a rapidly changing regulatory landscape. Finding efficiencies and reprioritizing resources, rather than cutting security budgets, can help companies reduce risks and maintain an effective security infrastructure.

This Cyber News was published on www.darkreading.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to Hands Off the Security Budget! Find Efficiencies to Reduce Risk

Hands Off the Security Budget! Find Efficiencies to Reduce Risk - CXOs looking for ways to tighten their belts may be forgiven for taking a long look at their security budgets, as Gartner forecasts spending on security technology and services will grow annually at 11% over the next four years. If the frequency and ...
11 months ago Darkreading.com
Master Security by Building on Compliance with A Risk-Centric Approach - In recent years, a confluence of circumstances has led to a sharp rise in IT risk for many organizations. That's why a proactive approach to seeing, understanding, and acting on risk is key to improving the effectiveness of defenses in place to meet ...
10 months ago Cyberdefensemagazine.com
16 top ERM software vendors to consider in 2024 - Enterprise risk management software helps organizations identify, mitigate and remediate business risks, which can lead to improved business performance. The risk management market is rapidly evolving from separate tools across different risk domains ...
9 months ago Techtarget.com
A Cybersecurity Risk Assessment Guide for Leaders - Now more than ever, keeping your cyber risk in check is crucial. In the first half of 2022's Cyber Risk Index, 85% of the survey's 4,100 global respondents said it's somewhat to very likely they will experience a cyber attack in the next 12 months. ...
1 year ago Trendmicro.com
Key elements for a successful cyber risk management strategy - In this Help Net Security interview, Yoav Nathaniel, CEO at Silk Security, discusses the evolution of cyber risk management strategies and practices, uncovering common mistakes and highlighting key components for successful risk resolution. Nathaniel ...
9 months ago Helpnetsecurity.com
A Plan to Protect Critical Infrastructure from 21st Century Threats - On April 30th, the White House released National Security Memorandum-22 on Critical Infrastructure Security and Resilience, which updates national policy on how the U.S. government protects and secures critical infrastructure from cyber and ...
5 months ago Cisa.gov
ProcessUnity Introduces Industry's All-In-One Third-Party Risk Management Platform - PRESS RELEASE. BOSTON-(BUSINESS WIRE)- ProcessUnity, provider of comprehensive end-to-end third-party risk management and cybersecurity solutions to leading enterprises, today announced the completed integration of the Global Risk Exchange. The newly ...
9 months ago Darkreading.com
Three Things to Know About the New SEC Rules on Sharing Information and Breach Disclosure Deadlines - Recently, the Securities and Exchange Commission adopted rules about the handling and reporting of cyber risks and breaches. With these new guidelines and regulations, public companies and organizations must disclose cybersecurity incidents ...
9 months ago Cyberdefensemagazine.com
Third-Party Security Assessments: Vendor Risk Management - As businesses rely more heavily on external vendors to provide critical services and support, the importance of effective vendor risk management strategies becomes paramount. This article explores the significance of third-party security assessments, ...
9 months ago Securityzap.com
What Are the 6 Types of Risk Assessment and How Do They Work? - Risk assessment is a tool used to help quantify potential risks in a certain situation. It can be used in many different scenarios, including business operations, financial decisions, and also cybersecurity. A risk assessment helps you identify areas ...
1 year ago Thehackernews.com
McCaffrey Joins 'ASTORS' Champion SIMS Software Board of Advisors - SIMS Software, the leading provider of security information management software to the government and defense industries - and the 2023 Platinum 'ASTORS' Award Champion for Best Security Workforce Management Solution, is delighted to announce that ...
9 months ago Americansecuritytoday.com
Key Takeaways from the Gartner® Market Guide for Insider Risk Management - Insider risk incidents are on the rise and becoming more costly to contain. As a result, earlier this year, Gartner predicted that 50% of all medium to large enterprises would adopt insider risk programs. The report reveals several key findings about ...
10 months ago Securityboulevard.com
4 Metrics That Help CISOs Become Strategic Partners With the Board - Many CISOs experience burnout, and most find it difficult to be recognized as strategic, growth-oriented partners to their leadership team and board of directors. Challenges CISOs Face When Reporting to the Board It can be hard for CISOs to prove ...
11 months ago Darkreading.com
Facts and misconceptions about cybersecurity budgets - Managing and allocating budgets for cybersecurity and IT has become an increasingly critical aspect of organizational strategy. Organizations recognize the need to invest significantly in cybersecurity to safeguard sensitive data, protect against ...
10 months ago Helpnetsecurity.com
CISO Corner: Deep Dive Into SecOps, Insurance, & CISOs' Evolving Role - Welcome to CISO Corner, Dark Reading's weekly digest of articles tailored specifically to security operations readers and security leaders. We're committed to bringing you a diverse set of perspectives to support the job of operationalizing ...
9 months ago Darkreading.com
Critical Start Asset Visibility helps customers become more proactive within their security program - Critical Start launched their Asset Visibility offering. As part of an MCRR strategy, Asset Visibility helps customers become more proactive within their security program, helping them uncover assets that need protection, validate that the expected ...
9 months ago Helpnetsecurity.com
How to Complete an IT Risk Assessment - An effective security strategy needs to put managing risk at the heart of its approach. An IT risk assessment process is used by organizations to identify and prioritize the most pressing risks to their IT environment. Naturally, it focuses on IT ...
10 months ago Heimdalsecurity.com
Cyber Insights 2023: Cyberinsurance - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. In 2022, Russia invaded Ukraine with the potential for more serious and more ...
1 year ago Securityweek.com
Critical Start Implements Cyber Risk Assessments With Peer Benchmarking and Prioritization Engine - PRESS RELEASE. PLANO, Texas, Jan. 11, 2024 /PRNewswire/ - Today, Critical Start, a leading provider of Managed Detection and Response cybersecurity solutions and pioneer of Managed Cyber Risk Reduction, announced general availability of Critical ...
9 months ago Darkreading.com
Cyber Security Managed Services 101 - Benefits of an MSP. Maximizing efficiency. Cyber threats and cyberattacks like ransomware targeting SMBs continue to increase in part because malicious actors realize these organizations don't have the means or manpower for security teams. Even ...
1 year ago Trendmicro.com
Normalizing Security Culture: Stay Ready - While it may seem like self-promotion or extraneous work, it’s extremely valuable to take the extra time to summarize threats stopped, processes improved, projects completed and team members modeling strong security behavior. Most people don't ...
1 month ago Darkreading.com
How Healthcare Organizations can use ASPM to Fill CSPM Coverage Gaps and Save Money - In recent years, healthcare organizations have increasingly moved their healthcare information systems applications and infrastructure to the cloud to take advantage of its scalability, flexibility and cost-effectiveness. To mitigate these risks, ...
9 months ago Securityboulevard.com
Modern DevSecOps - DevSecOps - a fusion of development, security, and operations - emerged as a response to the challenges of traditional software development methodologies, particularly the siloed nature of development and security teams. DevSecOps aims to break down ...
10 months ago Feeds.dzone.com
The ONE Thing All Modern SaaS Risk Management Programs Do - Reducing SaaS risk is, without a doubt, a difficult challenge. Gaining visibility into all the SaaS apps used across an enterprise is hard enough, but it becomes an even greater challenge when only a portion of the apps go through the company's ...
6 months ago Securityboulevard.com
Cybersecurity jobs available right now: October 2, 2024 - Help Net Security - As an Applied Cybersecurity Engineer (Center for Securing the Homeland), you will apply interdisciplinary competencies in secure systems architecture and design, security operations, threat actor behavior, risk assessment, and network security to ...
1 month ago Helpnetsecurity.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)