Use this year’s annual budget cycle to make a real difference in your organization’s cyber security.
All cyber spend is a shot in the dark if it isn’t based on objective, quantifiable data. That’s always been true, but it was often ignored by CISOs and organizations that either thought it was too difficult to get the facts or were too free-spending to care.
COVID, work-from-home, budget cuts – they all mean more scrutiny than ever for CISOs and the budget decisions they present to the CEO and BoD for approval. If you ever had an open checkbook before (if you did, please tell us how!), it’s certainly closed now.
CISOs need, more than ever, three things to get anything done:
If CISOs want to be truly relevant to the organization, that starts with becoming understandable. They have to stop speaking techno-babble and start speaking the language of business: economics. Becoming understandable is a step towards becoming credible. But being credible also requires presenting objective data about the organization’s security posture, not guessing, not “trusting your gut”. Bring answers, not questions. That leads towards relevancy, being an equal member of the senior team guiding the organization towards its objectives.
We think TrustMAPP helps do exactly that. Not only does it automate security and privacy assessments, so you know whether you are compliant (yes/no) or what your maturity level is (0-5), it also suggests remediation actions, and their budget estimates, to fix gaps in compliance or desired maturity.
That means going to the board with your annual budget request with complete transparency and accountability – what you’re asking for, what it will cost (capex and opex), and why – how the investment will improve the organization’s ability to achieve its mission.
We hope that you’ll consider this, and put TrustMAPP’s Security Performance Management (SPM) offering on your short list of things to budget for in 2021.