Recently, the CEO of an organization told me that his budgeting process demonstrates his commitment to protecting from cyber-attacks because he includes his investments in the IT Vital Systems Reviews as part of his risk management budget. You might already do this too.
He explained that his 2021 IT budget is for new servers, software licensing, network upgrades, etc.
He said the risk management component of his 2021 budget includes the investment in Foster Institute’s preventative cybersecurity reviews.
He says that an added benefit is that his Profit and Loss Statement clearly distinguishes actual IT expenses from cyber risk management.
Please forward this to your friends and encourage them to budget their organization’s risk management investments separately from their IT budget. Maybe they already do.