Much of the world is entering a recession, which means businesses are examining their budgets more closely than before. Particularly when it comes to IT spend, the immediate instinct is to reduce budgets. However, instead of cutting their cyber security spend, they should rather look at whether they’re making the best use of the solutions they have, according to Jason Oehley, regional sales manager for South Africa at Arctic Wolf.
“Businesses need to consider how to make their cyber security investments more effective. Cyber security threats aren’t going to go away; in fact, they’re increasing, making it dangerous for businesses to reduce their spend in this area. Consider the impact on your already challenged bottom line if you had to deal with a major cyber incident.”
There are three steps to optimising a business’s cyber security budget. Oehley advises that businesses need to look at what they have; establish how they can get more use and value out of their existing solutions; and increase their productivity. “Building demonstratable ROI is key. Companies need to maximise the effectiveness of their security spend and bring new efficiencies into their security framework, optimising their existing resources and tech landscape.”
The allocation of security spend is becoming increasingly key and strategic. “While budgets are certainly being relooked at, businesses aren’t necessarily cutting them; instead, they’re considering allocation in terms of the best place to spend their money. A landscape in which cyber threats are growing and budget allocation becoming more strategic places more pressure on smaller and medium-sized companies as they’re often the target of social media and ransomware types of attacks because of the limitations around their security budgets.”
He says companies should be examining their security budgets with a view to what they want to get out of their spend. “There are multiple ways to optimise efficiencies here, but first you need to ensure you have a holistic view of your cyber defence strategy. A lot of budgets are focused on disparate solutions, but to increase efficiency and value, you need a holistic view of what’s happening. Then you can consider solutions that can incorporate different tools. This requires a shift in mindset from buying a tool to how you can make it operationally efficient with your existing solutions.
“Moving into a service type landscape will enable the business to reduce the burden on strained resources, such as security skills. Despite a challenging economic and cyber threat environment, the bottom line is that most businesses aren’t gaining additional resources, which is why they need to make the most of the resources they do have, as well as their security stack.
“Another aspect that needs to be considered is insurance for cyber security. By increasing the resilience and efficiency of what you’re doing, you can increase your prospect of being insurable. We’ve seen instances of customers getting up to a 30% reduction in their cyber insurance fee, which is why it’s key to relook at budgets to ensure you focus on efficient areas, reducing the budget in some areas and increasing it in others where you can add value.”
Having a holistic view makes it easier to uncover threats; Arctic Wolf has uncovered threats in about 43% of its customers within the first day. “Then we can start talking about building efficiencies around the existing solution. When we partner with someone, the customer gets a predictable model on how they can build their solution forward instead of incurring disparate costs on an ongoing basis. They can plan their budget ahead from multiple aspects, ensuring the projected spend covers growth in their organisation. All too often, a new threat comes out and there’s a massive requirement for new tools, skills or development, and that’s where the costs start escalating. Having a plan for the future in place gives companies control over their security spend going forward and ensures their cyber security strategy stays abreast of evolving threats,” says Oehley.
Share