[BreachExchange] How to improve your security infrastructure when you’re on a budget

Audrey McNeil audrey at riskbasedsecurity.com
Mon Mar 5 20:58:00 EST 2018


https://www.helpnetsecurity.com/2018/03/05/security-infrastructure-budget/

When you’re on a tight budget for cybersecurity, it can seem almost
impossible to secure every part of your businesses’ network without going
over budget with the latest technologies in place.

You may not be able to solve all your security needs immediately with a
small budget, but the important thing is that you are working towards your
security goals and taking steps to move the needle forward.

Planning and prioritizing

Start with examining your current security landscape. This is always a
critical first step for any company with or without budget restrictions.
Find out where the holes are, what needs work, what’s being protected and
what isn’t. Once you do that, you’ll understand where your infrastructure
stands, which you can then factor in regulatory requirements that might
apply to your organization and the data that you are securing.

Unfortunately, you won’t be able to fix everything right away. Determine
what actions are an immediate priority and work your way down. Prioritize
the top things that need to be focused based on the severity of risk to
data, the organization and individuals. Determine what those top priorities
are and work your way down.

Stay up to date

Technology and the cybersecurity industry are constantly evolving at a
rapid pace. It’s important to educate yourself and ensure that you’re
installing the latest patches, plug-ins, etc. It also helps to know when
certain malware or ransomware are released, and how you can further protect
your organization from it. Don’t forget to consistently check your network,
looking for potential gaps that need to be filled.

Optimize products

A lot of times, businesses will go out and buy the latest shiny new
firewall thinking that it will solve all security issues. You don’t need
the latest and greatest technology tools to be secure. Utilize the
technology that you already have in place instead of buying a new or adding
more security tools to your network. Revisit the tools you have and make
sure that you are exploiting them to their greatest potential and research
all the ways that this technology can be used.

Leverage vendors

Cybersecurity is a full-time job and is almost impossible for an
individual, or internal team, to constantly monitor and respond to alerts.
One thing to consider is leveraging vendors. Do your research and determine
what vendors might be the best fit for your business and see what types of
solutions and services they offer. Select from one to three vendors of your
choice and explain to them your goals along with your budget constraints.

Often times, the vendor can help get creative with you and find ways to
work within your budget, while also helping to reach your goals. The more
the vendor knows about your company, the better they can help and offer
expertise in where they believe you may need the most help and what areas
you can save money.

See if you can do monthly payments or partial payments with your vendor.
Determine if you can work out a payment plan if purchases are made with a
vendor more than once a year, can you leverage buying power across other
services.

Track your spending

Make sure that you track and log all of your spending against operations
and capital budgets and know what needs to be spent in the later months or
quarters to achieve your goal. When you track your spending, it’s easier to
see where your money is going and where you need to save in certain areas.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20180305/39349be1/attachment.html>


More information about the BreachExchange mailing list