Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

10 tips to secure funding for a security program

Dominic Nessi, CIO for Los Angeles World Airports | April 22, 2013
CIO for Los Angeles World Airports outlines ten essential tips for getting your financial team on board with your security funding requests

8. Provide constant feedback on the security program.

Bring the financial team into your world as much as possible. Don't wait until you have an emergency and need immediate funding. Continually provide information to the financial team regarding the state of the cyber security world and your organization's place in it. This can be anything from a brief discussion in the hallway to forwarding an email on the latest threat.

9. Use outside resources to support your request.

If you are met with skepticism on your funding request, suggest that you bring in an outside cybersecurity expert to develop an independent third-party analysis/audit. If that doesn't work, bring in peers from other organizations in your vertical and have them conduct a peer review on your security operation. An "outside" opinion often seems to have more weight than that of internal staff.

10.Always emphasize that cyber security is not an "information technology" issue -- it is an organizational risk management issue.

Of all the considerations, this is perhaps the most important. Cyber security is not only addressed through the IT department, but also through human resources in the form of personnel policies; your legal counsel through the enforcement of policies; and your senior management team, who must always insist that their employees follow company policies and rules and who may be accountable to stakeholders and/or compliance organizations to meet laws and requirements. In a distributed environment, you are likely to have numerous parts of the organization continually adding and modifying new technologies, all of which can cause changes to your overall security posture.

Senior management and your financial decision-makers understand risk and dollars. Establishing good communication and maintaining it is critical to receiving the funding necessary to implement and maintain a sound cybersecurity program.


Previous Page  1  2  3 

Sign up for CIO Asia eNewsletters.