Without really knowing the situation, it's hard to say whether that is appropriate. I have seen many organizations...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
work far more efficiently and effectively with tighter budgets.
But let's assume for the sake of argument that losing the funding will significantly affect the security team's ability to protect the company from future breaches. It is now your job as security manager to communicate effectively to the executives that information security is more important than ever before.
In the case of large breaches, organizations such as the FTC can and do impose more then just fines: they mandate that certain actions be taken to prevent future breaches. This usually translates into making serious IT investments to improve security. If your company is in this situation, gather together these new requirements into a slide or two as justification for why the IT security department needs continued funding.
Even, if you don't have an outside mandate, gather together examples of the above data, because it shows you are actively interested in the health of the company and preventing a future breach. Still, without an outside mandate, this is a more challenging presentation, so it's important that you have good business justifications for your projects and that the projects are focused on addressing issues discovered as a result of the recent breach.
For more information:
Dig Deeper on Disaster Recovery and Business Continuity Planning
Related Q&A from David Mortman
While IT security consultancies can be helpful when trying to find flaws in an information security management framework, there are ways to do it ...continue reading
PCI DSS audits can be a lot easier if the scope is narrow. Learn how to consolidate and store sensitive data in order to best reduce PCI DSS security...continue reading
When hiring an information security team member, how important is a certification in information security? Learn how to talk to executives about ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.