Acting without Thinking is like Shooting without Aiming
The High Cost of Deferring Security Spending
There is a nice article in this week’s bMighty.com Weekly Digest warning about making too many spending cuts around security. For those of you in a position to make decisions around cost cutting, you know how difficult those decisions can be, especially after we’ve already made the ‘easy cuts’. We all have felt the impact of cost-cutting at some point in our careers. Often times, decisions are made in those areas that appear to be the least detrimental on our business.
As most of us in the IT space have witnessed, these decisions are often made without the benefit of full disclosure. Some of that is on all of us. We need to make sure our managers are fully aware of the benefits certain costs provide as well as what the risks are by cutting back on or eliminating these capabilities. If you choose to defer investment in the new CRM application or your next hardware upgrade, your business is likely to continue. Growth may slow, but you won’t go out of business.
On the other hand, a serious security breach can kill your business. With margins so tight, where will the cash come from to fight a lawsuit because of a data breach? Where will the time (and money) come from to take on the regulators? If you need to make cuts to key security initiatives, it seems fair to say that you won’t be able to come up with the ‘extra’ cash to take on these sorts of challenges.
Interesting facts:
Based on these data points, it’s not clear what is being cut and what is not. And in the overall scheme of things it probably doesn’t really matter to you. What does matter to you is how your company is treating this. Compounding the challenge of course is the idea that security is a lot like life insurance. You want to make sure you have it, you want to make sure it’s enough, and you hope you never need it. By the time you do, it’s too late.
Scott
There is a nice article in this week’s bMighty.com Weekly Digest warning about making too many spending cuts around security. For those of you in a position to make decisions around cost cutting, you know how difficult those decisions can be, especially after we’ve already made the ‘easy cuts’. We all have felt the impact of cost-cutting at some point in our careers. Often times, decisions are made in those areas that appear to be the least detrimental on our business.
As most of us in the IT space have witnessed, these decisions are often made without the benefit of full disclosure. Some of that is on all of us. We need to make sure our managers are fully aware of the benefits certain costs provide as well as what the risks are by cutting back on or eliminating these capabilities. If you choose to defer investment in the new CRM application or your next hardware upgrade, your business is likely to continue. Growth may slow, but you won’t go out of business.
On the other hand, a serious security breach can kill your business. With margins so tight, where will the cash come from to fight a lawsuit because of a data breach? Where will the time (and money) come from to take on the regulators? If you need to make cuts to key security initiatives, it seems fair to say that you won’t be able to come up with the ‘extra’ cash to take on these sorts of challenges.
Interesting facts:
Based on these data points, it’s not clear what is being cut and what is not. And in the overall scheme of things it probably doesn’t really matter to you. What does matter to you is how your company is treating this. Compounding the challenge of course is the idea that security is a lot like life insurance. You want to make sure you have it, you want to make sure it’s enough, and you hope you never need it. By the time you do, it’s too late.
Scott
Category Cutting IT Costs
| Permalink |
|
|
|
|
|
