How CISOs get executive buy-in for security budgets
Posted on 17 October 2013.
Wisegate released a new report that shares how CISOs successfully gain executive buy-in on security budgets and strategically manage them.


Most CISOs face significant challenges communicating the value of security in business terms, winning budget approval and planning for unanticipated expenses—and find benefits from conferring with and learning from the experiences and successes of their peers.

“While spending money on information security is essential for most companies—be it in the form of technology, awareness, or education—reaching an agreement on how much to spend and where to spend isn’t always easy,” said Candy Alexander , former CISO of Long Term Care Partners and ISSA Board Member. “Knowing how other CISOs overcome budget challenges and what leadership strategies they find effective can sometimes make the difference between winning security budget buy-in or struggling through another year without adequate funding.”

Benchmark data, threat models and other risk-based approaches can help CISOs determine how much should be spent of information security. But corporate culture, industry trends and economic circumstances often create a gap between the ideal security spend and actual budget. Sometimes success requires innovation. When funds are not available to manage security programs by the book, creative management of spending can help CISOs maintain a strong security posture.

The report focuses on 3 key areas to help CISOs successfully navigate the budgeting process.

Determining How Much Should be Spent on InfoSec - New strategies CISOs use to allocate budget along with critical factors to consider when using peer-based benchmarks and model-based approaches.

Budget Estimation and Spending Strategies - How company culture and CISO spending philosophies impact the budgeting process from estimating and justifying expenses to resource planning and preparing for emergencies.

5 Tips for Winning Budget Approval - CISOs share how they use risk-based approaches, collaboration, leadership changes and soft skills to build buy-in for security programs and budgets.

“CISOs and other senior security leaders face many challenges during the budgeting process—including knowing how their security spending compares against similar organizations, allocating budget based on business needs, communicating the importance of security to upper management and gaining critical leadership buy-in,” said Sara Gates, Founder and CEO of Wisegate. “Wisegate exists to help senior IT practitioners overcome these challenges by offering a practical and unbiased information source built on the real-world experience of veteran IT professionals.”

The complete report is available here (registration required).





Spotlight

eBook: Cybersecurity for Dummies

Posted on 16 December 2014.  |  APTs have changed the world of enterprise security and how networks and organizations are attacked. These threats, and the cybercriminals behind them, are experts at remaining hidden from traditional security while exhibiting an intelligence, resiliency, and patience that has never been seen before.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Wed, Dec 17th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //