Even During an Economic Slump, Businesses Should Not Cut Security Spending

From the start of the global COVID-19 pandemic through today, the world’s economy has been in a volatile place. Naturally, this has been a time when leaders in nearly all sectors — business firms, universities, healthcare centers, among others — have had to make difficult financial cuts in how they spend and what they spend their money on.

One area that shouldn’t find itself on the chopping block is investment in cyber and physical security measures. A company will only be as strong as its security, and when looking at budgets, it’s crucial that a strong security budget is maintained.

This is a point that Juta Gurinaviciute makes in a recent piece for Forbes.

In the article, Gurinaviciute, the CTO at NordLayer, discusses the very viable possibility that the world may enter a recession soon. While crisis management plans must be put in place, some areas of spending need to be prioritized over others. She says one realm that must be enshrined in a company’s budget is cybersecurity.

“In evaluating risks, it might seem reasonable at first to eliminate the costs that don’t directly affect production,” she writes. “If your business has never been exposed to a real cyber threat before, expenses for security systems might seem too pricey — a common misconception.”

Gurinaviciute stresses cyber protections have to be elevated to a “must-have” rather than a “nice-to-have” expense. To illustrate her point, she cites a recent IBM report that reveals the current cost of a data breach for a company comes to an average of $4.35 million. That number just grows by the year. Skimping on cybersecurity protections can significantly hit your bottom line.

“With the economic downturn affecting different businesses, cybercriminals and their “enterprises” are no exception. They will be more motivated to make money—and, obviously, at legitimate businesses’ expense. That means they will perform more attacks, from looking for vulnerabilities in your products and networks to tricking your employees into granting them access to internal data using social engineering techniques,” she writes, pointing to how economic downturns can offer significant incentives to cybercriminals to stage attacks. “Also, those techniques and technologies become more sophisticated year by year—highlighting the importance of timely cyber protection updates.”

What all of this underscores is the need for all members of a company’s team to be well versed in security concerns — everyone should be on board by way of trainings, all tech needs to be regularly updated, and Internet-connected physical security systems have to be maintained.

This certainly is an expense, but the great cost that can result from having your facilities breached, your data stolen, and your information compromised means now is not the time to de-prioritize security in your annual budget.

Published by Peter Cavicchia

Peter Cavicchia is a retired U.S. Secret Service Senior Executive, now Chairman of the security consulting firm Strategic Services International LLC. https://petecavicchia.com/

%d bloggers like this: