Commentary by Nick Kathmann, CISO at LogicGate
Allocating security resources can be a daunting task for CISOs and other security leaders, but there are ways to strike a balance between short-term and long-term needs.
Cybersecurity has become a high-stakes balancing act — the modern CISO is under constant pressure to protect their organization from the latest threats, including ransomware and phishing, while also developing long-term security strategies and reporting to the C-suite and board.
This means juggling immediate needs, such as patching vulnerabilities and responding to cyber incidents, with long-term goals, including adopting emerging technologies and developing a skilled cybersecurity team. This challenge is made worse by limited budgets and the need to justify the value of security investments to the business.
Budget allocation: immediate vs long-term security
Nicholas Kathmann, CISO at LogicGate, says that when planning resources, it’s a good idea to dedicate a certain percentage of staff time (30% is a good rule of thumb) to long-term projects, as opposed to the day-to-day work of keeping the lights on. This makes it possible to respond to immediate threats effectively, with only minimal risk of impacting project timelines.