What is the right amount to spend on cybersecurity?
According to Gartner, the average is approximately 5-8% of the IT budget. But a survey published in CIO magazine claims that amount is closer to 15%, with some executives claiming they spend upwards of 20% securing their data.
How are those cybersecurity dollars being allocated?
- Secure the perimeter!
- Real-time analysis of activity and risks within the network
- Third-party assessment to find security gaps and vulnerabilities
- Fortifying detection and response capabilities
Are you spending too much?
Probably not. Spending on protecting data is typically a good investment, unless you are spending in a way that does not reduce your risk. The best way to get the most out of your cybersecurity spending is to be sure your spending is aligned with your actual risks.
Use a known cybersecurity framework (such as NIST) for setting a baseline and then regularly measuring progress as you prioritize solutions for filling your gaps based on how much they will reduce risk, compliance requirements, and budget.
A one-size-fits-all approach should be avoided — your technology partner should closely review and tailor your cybersecurity program to cover your actual risks.
ACE IT Solutions’ compliance and risk management experts can help customize a cybersecurity program that meets your specific risk and compliance requirements so you can be sure you are spending the RIGHT amount on cybersecurity. Contact ACE IT Solutions at 646.558.5575 or firstname.lastname@example.org to set up a consultation.