How to preserve an IT security budget from data breach fines

After a data breach, it's important to re-build security quickly and well, but when breach fines are exacted from a security team, it can cripple improvement efforts. Learn how to preserve an IT security budget to meet IT security goals.

Due to a recent data breach, our organization has been forced to pay numerous fines. Management has decided that a majority of the money should come out of the security budget. How can I convince them that now is the worst possible time to take away our funding, as the security team needs to re-group?

It seems that upper management views the incident as the fault of the IT security team; whether that is actually so, it would seem the bosses feel that it is perfectly appropriate to penalize your team by taking the funds from your budget.

Without really knowing the situation, it's hard to say whether that is appropriate. I have seen many organizations work far more efficiently and effectively with tighter budgets.

But let's assume for the sake of argument that losing the funding will significantly affect the security team's ability to protect the company from future breaches. It is now your job as security manager to communicate effectively to the executives that information security is more important than ever before.

In the case of large breaches, organizations such as the FTC can and do impose more than just fines: they mandate that certain actions be taken to prevent future breaches. This usually translates into making serious IT investments to improve security. If your company is in this situation, gather together these new requirements into a slide or two as justification for why the IT security department needs continued funding.

Even if you don't have an outside mandate, gather together examples of the above data, because it shows you are actively interested in the health of the company and preventing a future breach. Still, without an outside mandate, this is a more challenging presentation, so it's important that you have good business justifications for your projects and that the projects are focused on addressing issues discovered as a result of the recent breach.
