The increasing number and sophistication of cyberattacks have companies boosting their cybersecurity budgets—again—in the upcoming year.
PwC’s Global Digital Trust Insights Survey found that 69% of organizations expect to boost cyber spending in 2022; 26% will see their security budget up by 10% or more.
Even in this age of high-profile attacks, figures like that help perpetuate the idea of cybersecurity as a cost center. That in turn can leave CISOs at odds with their executive colleagues, and it can leave those other executive leaders frustrated and confused about the value they actually get from their cybersecurity investments.
“Many business leaders are now keen to participate in cyber transformation, but they find the wide use of security jargon and vain metrics deeply frustrating. It leaves them unclear about key threats targeting their businesses, the strength of their existing defenses, or what investment is required. They feel like they are pouring money in a leaky bucket because cybersecurity teams struggle to translate the value of their initiatives into the language of the business: money,” says Phil Zongo, CEO of the Cyber Leadership Institute, a training organization, and a member of the Emerging Trends Working Group at the professional association ISACA.
Leading CISOs, however, have turned that reputation around even as their own security budgets rise. How did they do it? By demonstrating that security is not only critical to business success but is an enabler and a competitive advantage just as much as the digital infrastructure and data assets it protects.