Editor’s Note: The study published jointly by Deloitte and the National Association of State Chief Information Officers is attached here.
The study’s first finding is on the “cybersecurity budget-strategy connection.” The report states that “Insufficient funding is still the greatest hurdle CISOs face. CISOs must continue to build business stakeholder advocacy for cybersecurity initiatives by communicating strategies and reporting on risks, progress, and results.”
To be effective, CISOs are going to have to do much more than engage in advocacy and communication strategies, they are going need to build a business case that their strategies are cost-effective. With increased budget austerity inevitable, it’s not enough for CISOs to show progress and results, they will need to demonstrate that they are achieving those results in as cost-effective way as possible. Federal and state/local governments will need to partner with the private sector in developing the anaytic tools and studies needed to make their case.
Leave a Reply