What sorts of innovative approaches have you found to optimize your cybersecurity budget? Have you adopted any new strategies for maintaining protection levels despite financial constraints?
Sort by:
Optimizing our cybersecurity budget revolves around three main strategies: automate, automate, and automate. We’ve reached a level of maturity where workflows support all our change requests, but the challenge remains the increasing scale of threats. Hiring on a one-to-one basis isn’t feasible, so bending the labor curve through automation is crucial. This includes using AI and machine learning, which are already integrated into many of our tools. Generative AI assists cyber analysts by augmenting processes, allowing us to optimize budgets and manage labor costs effectively.
Automation also helps maintain protection levels by enabling us to counteract adversaries who are also using advanced tools. Speed and scale are vital for safety, and automation allows us to quickly detect threats. It’s not enough to receive data; we need insights. We are inundated with data but still lack actionable insights. Automation, particularly in the form of Security Orchestration, Automation and Response (SOAR) can help, though achieving maturity in this area is challenging. Automating responses to signals can be risky if not done correctly as it could disrupt infrastructure and performance. But as intelligence improves, automation will allow for faster decision-making and response, reducing labor and time burdens.
We are developing these automations internally as well as utilizing external tools. Some of the automation comes from the tools and suppliers themselves, offering more capabilities. However, much of the automation involves horizontal integration across various process areas, such as firewalls, threat intelligence, and vulnerability management systems. This fusion increases scale and speed while keeping costs down.
JR summarized it well. Whether dealing with internal or external vendors, the focus should be on optimizing processes. For internal development, it depends on the maturity of the organization. With external vendors, there's always room for negotiation and tool consolidation. Many companies have accumulated numerous cybersecurity tools over the years, and there's a need to consolidate and focus on core tools. Some companies manage this well, while others need to reassess their toolsets. Phased culling of unnecessary tools can be effective, and negotiating long-term contracts with strategic vendors is also beneficial in ensuring good deals and support. But not all companies have the expertise to develop in-house tools, especially in industries like chemicals.<br><br>
I believe it’s crucial to incorporate certain cybersecurity responsibilities into the job roles of business heads. For instance, fostering a culture of ‘Security by Design’ within the development and product teams can significantly contribute to the cybersecurity budget. This approach not only enhances the robustness and security of the development process but also aligns with the overall business strategy.
Vendor consolidation and longer-term strategic partnerships, which reduce costs while maintaining enterprise-grade protection. Regularly review in/outsourcing mix and leverage AI automation to maximize efficiency.