ePortfolio entry # 7 – What are the costs and benefits of developing cybersecurity programs in business?

Posted by kpion001 on

In starting business there are always costs associated with everything you do, one of the jobs of senior leadership is determining where the best value and most benefit would come from money spent. Be it R&D or Cybersecurity there is a cost and benefit to it all. The first cost that I think of when it comes to cybersecurity programs is hiring the right people for the job. If you as a business have determined that you need a cybersecurity program, you need a team that is qualified to carry this out. The cost associated with the right personnel depending on the size of the organization could be quite high. Starting from the top down you would need a CISO, Directors, VP’s, Analysts, Engineers, and then within each of those groups specialized groups and staff to carry out the various cybersecurity tasks. The benefit of course is that the people who are tasked with how to make the widget better and sell more of them, don’t have to worry about whether those six laptops on the inventory list that haven’t logged onto the network in the past week have gotten the critical patches that Microsoft released on patch Tuesday. Of course you could also go the route of outsourcing those functions to an MSSP (Managed Security Services Provider) who will take on as much or as little of that responsibility as you would like them to. The up front cost here might be the same and in some cases maybe higher, however the benefit is that immediately you have installed a team of highly qualified, certified and experience cybersecurity professionals overseeing your program with the latest and greatest technology to backup that experience and you would save money as you wouldn’t have to incur the human resource related expenses of all that additional staff. The cost of hiring qualified recruiters that are able to identify cybersecurity talent, the cost associated with the time the search for talent would take and the cost of not having that staff in place, then the cost of on-boarding those individuals, and if you aren’t good at retaining that talent the cost associated with losing your talent before you’ve reached the break even dollar mark for how long you had to keep them on staff is all something that needs to be accounted for. Someone in HR told me at one place that I worked that they needed to keep employees on staff for a period of two and a half years to break even on the hire.

Leave a Reply

Your email address will not be published. Required fields are marked *