Corporate Cyber gate keeper protecting our assets: CISO budgeting decisions
The Chief Information Security Officer is the corporate gatekeeper protecting our digital and technological assets from threat agents. This responsibility comes with the watchful eyes of the company’s employees and decisions on technological protection. These decisions include budget forecasting, training, and bearing the responsibility of the companies Cyber Security program. How would I balance a budget as a company’s CISO with limited resources? Challenges are undoubtedly present due to the COVID-19 effect on companies, but we, as the Cyber Security subject matter experts, still have to get the job done.
Unfortunately, due to COVID-19, company profits are down, and employees are forced to work harder for less money leading to workplace deviance and putting organizations at risk for data breaches. I would cut operating costs by allowing the security team to work remotely. Executing this has a twofold reaction: it cuts operating costs and increases worker productivity. Studies have shown that employees working from home work harder at their jobs and give longer hours on the clock. As the Chief Information Security Officer, I would allocate part of my budget to the technology needed to maintain a workforce comprised of Cyber Security team members remotely working from home to secure the company’s assets.
Maintaining efficient cyber security operations is very important; in an article from Guru writer he writes, “Security technology is no longer seen as devices that are solely used to keep people and property safe, but it is finally becoming a strategic tool to help improve business” (Guru Writer 2021, pg 1) When managing enterprise risk, you must consider the technological change and threats prevalent today in the company’s risk assessments. Risk mitigation is achieved by keeping up with current trends and challenges. An article from Forbes Innovation enterprise tech by Bernard Marr in 2023 outlined the top 5 technology challenges in 2023. More common issues in today’s information technology work are supply chain challenges, increased security threats, accelerated technological innovation, talent shortage, and Demand for more sustainable technology. I would focus on training in critical information technology skills with the remainder of my budget.
First, I would focus on network security control training for my security team and non- Cyber security staff. The cyber security team would receive advanced technical training, and the other employees would receive training for informational purposes. Training in network security would consist of how routers, firewalls, and other devices work and why it is essential to maintain them. Then for Cyber security experts, I would bring in subject matter experts and training aids, keeping them updated on the latest Intrusion detection systems, Intrusion Prevention Systems, Virtual private networks (VPNs), and remote access programs. Training for the security team helps secure the company’s assets, making it more difficult for threat agents to initiate data breaches.
Also, allocating Blockchain technology and security is a top priority in the operational budget. This investment in Blockchain aims to bring the company a modern database mechanism that allows transparent information sharing within the business network. After incorporation, Blockchain will also be integrated into the company’s supply chain operations, identity control, and remote working home equipment. After the changes, the fiscal year’s operational budget should be expended. Suppose any other funds are available or can be allocated from another department after day-to-day operating cost covering equipment needed for work. In that case, the remaining funds will go to risk analysis training for my Cyber security team to keep them sharp.
Again, due to COVID-19, many companies are operating in the red for many reasons. I am allocating my budget to combat the lingering issues plaguing many companies operating to this day. Training employees and essential personnel while also upgrading security for our assets is the best way to utilize the operating budget I am allocated yearly. Chief information security officers hold much responsibility with sometimes little to no operating budget, so we must utilize it in the best way possible in the business world.
Sources sited
8 top priorities for CIO’s in 2023, (John Edwards 2023)
The challenges of being a CISO during the COVID-19 pandemic, (Guru Writer 2021)
Forbes, The Top 5 Technology Challenges in 2023, (Bernard Marr 2023)