Benjamin Franklin’s maxim that an ounce of prevention is worth a pound of cure is especially true in the world of cybersecurity — it costs much less to prevent attacks than to repair the damage after they occur. However, most IT organizations say they lack the resources to effectively prevent threats.
Three-quarters of North American organizations say they do not have an adequate security budget, according to one survey. Additionally, 59 percent said they lack executive support for key security initiatives.
As we noted in our last post most organizations are now beginning the process of planning their IT budgets for 2020. With proper preparation, IT leaders can use the process to improve both budget allocation and executive backing for IT security.
Effective communication is the key. Non-technical executives might generally support IT security initiatives, but often don’t fully understand how specific budget requests will deliver improvements. This is frequently because IT leaders fail to make a convincing business case for spending, relying instead on industry-specific jargon and highly technical language during budget presentations.
Budget meetings are the perfect forum for IT to make its case by focusing on benefits and results rather than technical details. The process can stimulate discussions about your current security posture, the evolving threat landscape, potential risks and vulnerabilities, and solutions that deliver measurable value.
At least one study suggests executives are eager to receive such guidance from IT. According to the most recent version of TechRepublic’s annual IT budgeting survey, CFOs and other C-suite executives say improving security is a top budget priority for 2020, and they want IT to take a more active role in preliminary purchasing decisions.
So, how do you prepare for the budgeting process and gather the data points you need to effectively communicate your needs to executives? A trusted technology provider can be a valuable ally. Here are three ways RMM Solutions helps customers prepare:
- Security Posture Assessments. Unlike more technical vulnerability assessments, these free assessments focus on business issues related to security. Auditors conduct interviews, evaluate physical security, review policies and procedures, and prepare a straightforward evaluation of your current environment. The analysis designed to identify and articulate business objectives and priorities for a non-technical audience.
- Tech Talks. RMM’s team also conducts complimentary seminars designed to present technical information to non-technical audiences. We use a variety of whiteboard presentations and other visual aids to help executives understand what critical business processes may be at risk, and how to prioritize security efforts to mitigate those risks.
- Proof of Concept. Many executives have been burned in the past by signing off on IT projects that failed to deliver the promised value. A proof of concept that shows how a service, appliance or application works in real-word conditions is an extremely valuable tool for demonstrating that a proposed solution meets a business need.
Obtaining executive buy-in is clearly a critical step in the IT budgeting process. Overworked IT professionals are often unsure how to make their case, however. According to the TechRepublic budget survey, IT pros are increasingly asking trusted providers to help them answer questions from their executives, develop ROI and TCO projections, and run proof of concept demonstrations. If you’re looking for help with your 2020 budget plans, give us a call.