The cost of living is going up across the world and it’s clear that it’s a crisis for many businesses and families. With the price of raw materials, fuel, transport and energy increasing, organisations are looking to minimise their spending just to keep afloat.
Such hard times call for difficult decisions, with organisations having to make calls on where to make cuts. Some may reduce the size of their workforce, others alter their processing methods, while a few will strip back their expenses to the bare essentials.
But where does cyber security rank as an essential business expense?
Although there is no one-size-fits-all approach, organisations are generally advised to spend approximately 4% of their revenue on IT services. Where should that money go, and why is this spending essential in tough economic times?
Rising costs across the board
Many businesses will not have faced such hard financial times, and for some, the rising costs are not sustainable.
Prices are going up across the board thanks to the rate of inflation, from materials to insurance. For instance, the average cost of electricity for a business has increased by 349% since February 2021.
When it comes to cyber security, some organisations may invest in cyber insurance to keep costs down after suffering an incident, but this should be complemented with a proactive approach.
A cyber insurance policy will cover many of the costs associated with a cyber attack, but it won’t make you any less likely to suffer a data breach.
By contrast, while implementing appropriate technical and organisational measures requires greater up-front investment, this helps mitigate the risk of a security incident while also maintaining the organisation’s reputation.
Continuing to invest in cyber security in the face of adversity is essential for reducing an array of information security risks, from criminal hackers accessing critical data to malware and ransomware grinding activity to a halt.
Remote working requires extra security
Remote and hybrid working patterns are not only beneficial to employees but also enable organisations to save money by cutting office capacity.
The reduced energy use can be an appealing way to help organisations prioritise remote working on a part- or full-time basis.
However, remote working comes with additional information security risks, such as staff using personal devices, accessing company files on unsecured networks or not updating to the latest software, so organisations must ensure they have adequate cyber security.
Fortunately, there are ways to avoid these pitfalls. Having a cyber security team on hand and other forms of IT support can prevent disruptions due to troubleshooting issues, server problems or workflow mishaps.
Economic instability makes organisations a target
Cyber threats won’t go away just because an organisation is experiencing tough economic times, and cutting the cyber security budget will only leave it more vulnerable.
This is an issue for smaller organisations in particular, as they have less money to spend and even small cuts could have significant effects.
Many will argue that they haven’t yet had a problem with cyber security, so it’s not something they should prioritise. However, we are on pace for more than 1,000 publicly disclosed security incidents for the second consecutive year.
Now more than ever, organisations must recognise the threat of cyber crime and look for ways to bolster their defences.
It’s advice that many organisations have already taken on board. While many industries are shrinking in tough economic circumstances, cyber security is beating the market.
Why stick with cyber security in tough economic times?
Times of uncertainty are when effective cyber security is needed the most. People across the organisation must also understand what preventive measures should be taken.
With legislation such as the GDPR (General Data Protection Regulation) demanding better data protection practices, investing in cyber security is not a luxury. Organisations must implement appropriate technical and organisational measures, and bake them into their practices, or they risk enforcement action or possibly even a fine.
If you want to know more about the measures you can adopt to strengthen your information security practices, Vigilant Software can help. We offer a variety of tools to help you understand and address your security requirements.
Our CyberComply platform is particularly useful for organisations that want to manage their cyber security requirements in one simple package.
It guides organisations through their cyber security and compliance needs, with tools dedicated to identifying and treating security threats, risk management and data flow mapping.
The platform is ideal for small- and medium-sized organisations to address their information security and compliance requirements.