As 2018 comes to an end, companies large and small will begin the process of haggling and negotiating over annual budgets. This can be particularly frustrating for IT and security pros at SMB and mid-market companies. They’re stuck trying to secure more resources for a segment of IT that many view as pesky cost center rather than a business requirement with the potential to prevent massive financial and reputational damage. To help with this issue, WatchGuard CIO Wayson Vannatta recently wrote a contributed article for Help Net Security that explains how mid-market security budgets will change in 2019, and how individuals at these companies can successfully negotiate for increased security spending.
Wayson believes that security budgets will increase overall at SMBs and mid-market companies as more businesses understand the risks posed by threats like ransomware and the overwhelming cost of recovering from a data breach. At the same time, changes in the IT environment will lead to more spend being allocated towards protection for mobile workers, multi-factor authentication, IoT device security and virtual versions of security appliances.
With annual planning season upon us, there are several strategies IT directors and security professionals can use to build relationships at their companies and increase the chances of getting budget requests approved. Here’s an excerpt from Wayson’s article explaining one of these strategies:
“Begin budget meetings by briefly explaining your roadmap for the next several years and discussing the state of your organization’s security, including what you do well and what you can to improve. This gives your CFO or comptroller valuable context. You might say, “Currently we are spending 80% of our security budget on prevention, but it takes 190 days on average for companies to figure out they’ve been breached. Having good detection and response can reduce that. I want to focus on detection and response next year, then try to improve recovery the year after that.”