Cybersecurity budgets have been on the rise the past few years, and for good reason. Organizations face an ever-intensifying barrage of cyberattacks — and the digital environments they must protect keep growing larger and more dispersed. It makes sense to invest more heavily in cyber defense.
But reality can interfere with the best-laid plans. Such is the case when it comes to a possible economic downturn. Smart cybersecurity leaders should prepare a provisional plan for reducing costs — without subjecting their organization to additional cybersecurity risk.
It’s a tough ask given the fact that we’d all like more cybersecurity budget and more staff. But a quick scan of the layoffs in the headlines and the weak projections for future growth on many earnings calls this past quarter have made it clear: Cybersecurity leaders should hope for the best but prepare for the worst.
Budgeting Tactic #1: Consolidating tools
One potential area for cybersecurity savings can be found in your SecOps toolkit. Organizations’ toolkits have grown over time as new and useful technologies emerged. And with budgets growing, many cybersecurity decision-makers have avoided pressure to cut back — especially since headcount has historically been the most critical budget item.
But if you do have to consolidate your toolkit for economic reasons, there are several ways to do so. If you’re adopting extended detection and response (XDR), for example, you may be able to retire some or all your investment in SIEM. For one thing, XDR will be acting as your events aggregator. For another, unlike your SIEM vendor, your XDR vendor probably isn’t charging you more money as your event repository grows. Plus, a little creative scripting will enable you to generate the same compliance reporting with XDR as you did with SIEM.
You could also potentially leverage your XDR implementation to significantly reduce your EDR or NDR costs, if included.
Budgeting Tactic #2: Automation
Most organizations’ security operations are under-automated.
In some, it’s because their processes aren’t mature enough to codify. For others, it’s because the SecOps team doesn’t have the coding skills to execute aggressive process automation. And for many, it’s because everyone is too busy putting out fires to make the necessary investments of time and effort.
If your team falls into one or more of these categories, now would be a good time to make a change. The investment you make in automation today will pay off handsomely in future time saved. And if an economic downturn does occur, those time savings won’t just be convenient. They’ll be a necessity.
Of course, automation doesn’t only require coding of the appropriate scripts. It also requires accurate threat identification — since that’s the basis for triggering the correct automated response.
Budgeting Tactic #3: Service and support
Some SecOps leaders might view fast access to expert vendor support as little more than incremental added value. But if you get caught in a resource crunch next year, superior security support will be worth a lot more. Any time your staff is wasting waiting for vendors to provide them with badly needed answers is time you can’t afford — especially in an emergency, and especially when you don’t have extra money to deal with the costs associated with a breach.
If you’re going to get more resource-conscious — whether you’re preparing for a macroeconomic downturn or just trying to stretch your budget for other reasons — consider how much value there is in having a vendor consistently available for immediate support. That way, your people can stay productive when it counts most.
Similarly, consider how you might get more business value from your cybersecurity budget by making greater use of managed detection and response (MDR) solutions.
You’re likely to find that the economics of outsourcing your routine day-to-day SecOps tasks are very compelling — and will free your in-house staff to focus on more strategic tasks. One global airline manufacturer saved close to $500,000 per year by using Secureworks® Taegis ManagedXDR.
Given the magnitude of the cybersecurity challenge, it’s a good idea to stretch your budget whether you believe there’s going to be a recession in the near future or not. But if there is a recession, your operational efficiency will be just as important as your technical proficiency.
To learn more about the potential economic returns of investing in a Managed XDR solution read Forrester’s Total Economic Impact Study.