As the threat of the COVID crisis looms over the businesses’ growth and revenue in all their departments, their security budget is likely to take a hit. However, the long-term effects of cutting costs on security can have long-term negative effects.
On June 4th, the leading research company Pulse reported that 23% of security budgets have been frozen and 49% have been reduced. Even before the pandemic, IT security teams of organizations have always been known for being understaffed and underfinanced. The steep downward curve in the economy paints an, even more, a gloomy picture of the current crisis.
A CSO’s job becomes even more difficult when the CEO asks to reduce the cost of an already under-resourced budget of security. Hence, to actively seek better ways to create to maximize the ITSec budget strategy, CSOs could watch for these ideas for greater effectiveness:
Find the overlapping Technologies
The golden triangle of people, process, and technology has done wonders for organizations. Hence, start by identifying the various software and enterprise solutions of all the departments. Innovation will drive much better efficiencies, and that is the biggest motivation for security vendors to constantly add new features for efficiency and productivity. There’s a higher probability of overlaps that didn’t exist at the time of onboarding the software, but that can be taken care of.
It is smart to take feedback from all the departments within the organization about their software product, and thereafter, analyze the product features and eliminate the tools redundancies. This will substantially help to increase productivity as well as efficiency and can help to keep the budget more streamlined post the COVID-19 crisis.
Renegotiate with Security Vendors
Renegotiating contracts with security vendors can significantly reduce the security budget. As every vendor is taking multiple initiatives to keep their customer base, it is the right time to renegotiate with them for a better deal.
Shifting to a subscription model can help you with budget flexibility. If the vendors are not on the same page, show them that you are going to take steps to mitigate security risks by transitioning to open source alternatives. This will ensure that the organization keeps its security intact and its security vendor.
Every CEO is looking to save their businesses and is open to suggestions that will lower their costs. Hence, recommending the adoption of automation software for the lower end manual tasks can significantly decrease the already stringent budget of the organization.
Usually, CISO’s apply the 80/20 rule of Pareto Principle, and hence they need to get an insight into the top five ways the team spends their time and monitor if these activities align with the departmental or companies goals. Such workflows can deal with areas such as data collection, prioritization, incident consolidation, and remediation assignments.
Spending expenses on a tight budget is what the C-suite wants. But, by showcasing how other departmental funds such as human resources can be diverted to security and how it can enhance the security and reduce the departmental workload, increases the chances of them agreeing with the terms.
Cutting the budget by laying off the workforce has been adopted by organizations across the world. June job loss states that over 30 million Americans have been out of the workforce. Also, a survey conducted by the pulse shows that 40% of organizations are planning to let their employees go before November. Despite these, losing skilled employees can have a drastic impact on team morale and hamper the future recruitment process.
At some point, the pandemic will be over and the leadership insight during this crisis will be the judge of a leader’s professional stability and reputation. Hence, finding ways to cut the budget without hurting the security in the future, is the appropriate approach to sustain in the market.