How CXOs View the Risks and Rewards of Cybersecurity
Most CEOs and CFOs in the financial industry will tell you that cybersecurity isn’t cheap. And it’s true — a recent study by Deloitte found that, on average, financial services companies spend 10% of their IT budgets on cybersecurity. A commonly held view among executives is that cybersecurity spending is an expensive precaution. The challenge for IT professionals is to help reframe that discussion with their C-level team and position cybersecurity as an investment, not an expense.
Balancing the Rewards and the Risks
The first question many C-level executives ask when allocating budgets is ‘how will this help grow the business?’ For example, CFOs will invest in increasing production, acquiring new customers, or bringing new products to market faster. At the same time, they’ll seek to contain costs in areas that don’t directly contribute to the revenue line.
A second and equally important consideration is risk. CXOs will ask, ‘what are the circumstances that could prevent us from achieving our business goals, and how do we minimize or eliminate them?’
There are many nuances to the risk discussion. What is the nature of the risk? Security risks can run the gamut from vulnerabilities in cloud platforms, web applications and email services to bad actors exploiting your environment from within. Next, how likely are risk events to occur? What are the financial and operational impacts? What will it cost to address them? Finally,