A CISO’s Guide to Obtaining Budget: Never Waste a Good Crisis (or Data Breach)
This podcast is the fifth in a six-part series examining the difficult task of securing resources for IT and security needs. In each episode, John Dickson, principal and co-founder at Denim Group, will discuss challenges and share recommendations for how chief information security officers (CISOs) should approach the task of obtaining budget.
Unlike most resource allocation decisions within the enterprise, decisions involving security projects are often influenced by external events, namely data breaches encountered by other organizations in one’s own sector or industry.
This episode of the “CISO’s Guide to Obtaining Budget” podcast series looks at how CISOs can take advantage of external breach stories to demonstrate the tangible need for increased security resources. As just one example, the recent WannaCry ransomware attack clearly revealed the importance of regular patching and basic security hygiene. CISOs who had cultivated a wellspring of credibility (listen to our previous episode for more on this topic) were likely able to parlay this unfortunate event into funding for a more up-to-date patching program or new security awareness training for employees.