What can you do to maintain security in a large enterprise when your cyber budget is shrinking?

Though a shrinking cybersecurity budget is thankfully not the current situation for my organization, if I were in that position, I would look to trim costs by using a risk-based approach.  We would try to focus more on training, awareness, and governance activitiies, and look to limit our spend on tools and systems that yield overlapping benefits.  

With the available budget, one can surely bring in some static and dynamic analysis tool and have that implemented with frequent runs to keep a check on the cyber issues/vulnerabilities with proactive steps and root cause analysis to have them investigated and fix over the period of time.

Making sure all employees are well trained, keeping technology up to date, and enforcing good security practices overall can help maintain security in all enterprises.

Additionally, the following could be helpful:
1. Enabling multi-factor authentication (MFA)
2. Having good documentation and mapping of assets and data
3. Leveraging tools enterprises may already have available but haven't made full use of, due to lack of expertise, training, or time.

Proactively building strategy around top security deployment and maintenance. Focus on cyber attack trend analysis. Align internal stakeholders priorities. Speed up ML/AI technology transformation. 

Empower users with ongoing knowledge and training. 
Ensure proper network segregation , permissions and access are all in place.
Lock down as much as possible.