But, Hannan argued, there may be a silver lining for CISOs. A lot of the traditional cybersecurity budget arguments — brand reputation, compliance costs, privacy issues, data leakage, and so on — are starting to wear thin with their CFO and CEO audiences.
Not so with cost increases, which can undermine the enterprise’s competitive position. Data-breach cost pass-alongs could potentially impact market share — the kind of thing that grabs CFO, CEO, and even board attention. That might, Hannan said, give senior management reason to rethink CISO budget requests.
“The potential for increased prices and diluted competitiveness provides CISOs with a compelling argument to secure appropriate funding for cybersecurity initiatives,” Hannan said. “It demonstrates that the cost of inaction — both in financial terms and in reputational damage — far outweighs the cost of robust security programs.”
