Security spending is often part of the larger IT budget under the CIO’s control. IT’s needs generally take precedent, which leaves the CISO to scramble to find stable funding to bring on the required talent. This leaves the CISO to use developers from IT to fill in the gaps which opens up all sorts of vulnerabilities.
Instead, CISOs should lobby for an autonomous security budget to allow them to build reliable multi-year spending plans and projections so they can craft longer-term investments in the people and technology that they feel is appropriate – planning that helps ensure not only they’re getting good contract terms and a skilled team but also boosts their security posture in the process.
CISOs looking to maximize their dollars should examine their staffing requirements and determine whether some positions or functions could be outsourced, Beu says. For example, CISOs may find that hiring managed service providers for some highly specialized skills that aren’t needed full time could free up dollars or they could leverage specialized expertise and services from existing vendors as part of contracts already in place.
Read the full article by CSO.com to understand 10 ways to get more from your security budget here >>
By Mary K. Pratt
Contributing Writer, CSO | APR 27, 2020 3:00 AM PDT