In the next few years, the biggest challenge in cybersecurity won’t be dealing with a specific threat, but rather conveying a meaningful value proposition throughout the organization, and especially to the C-suite and board. It is key to the sustainability of cybersecurity and perhaps our biggest blind spot!
Articulating value has always been hard, but two major factors are emerging to exacerbate the problem.
First, the economy is in a downturn. We can expect a tightening of budgets and spending not related to revenue generation. This is a problem for cybersecurity and privacy, which are often seen as a cost center or an expense, that can be trimmed during lean budgetary times.
Secondly, the cost of cybersecurity continues to rise every year. We typically see 12% to 20% annual budget increases, and now a recent study showed a shocking 60% growth in budgets last year. This financial demand is not sustainable year-over-year for businesses. And realistically we don’t see an end in sight.
Quantifying the value of security has always been difficult, but now more than ever cybersecurity must align itself to enable and deliver meaningful contributions to the overall business goals and definitively convey this value to secure continued investment and support.
Failure to do so will undermine executive backing and that is a downward spiral when faced with ever-growing threats. It is a road that will lead to disaster, disillusionment, blame, and further disruption to the capacity to prevent future from future cyber-attacks.
That is why the cybersecurity leadership, across all sectors, needs to begin maneuvering to optimize efficiencies, align to deliver outcomes that contribute to the business goals, and clearly articulate the overall value proposition.
Those who fail will be fighting an uphill battle for funding and executive support that only shifts when really bad things happened. And that is not a good business model.
I’m going to be talking more about the challenges of communicating cybersecurity value in articles, blogs, videos, and when speaking at conferences, like I did recently during the SPHERE2022 conference, because it is so crucial to the durability of cybersecurity. This will be the next big challenge for CISO’s and there is a lot to unpack around the risks and opportunities.
As always, come join me on the Cybersecurity Insights channel for more discussions and industry analysis. The link is below.
Link to the Cybersecurity Insights channel: https://www.youtube.com/c/CybersecurityInsights
Posted with STEMGeeks