Cutting Security Costs Won’t Recession-Proof Your Company

Economists and the news media are throwing around the “recession” word quite a bit these days, making some security professionals nervous that security will end up on the chopping block. How can they show executives that cutting security costs won’t make a company recession-proof?

In an opinion piece on the CSO website, security consultant and author Ben Rothke says cutting security staff isn’t the answer to get through tough economic times. “Whether you call it a recession or a correction, the reality is that profits are down, bankruptcies are up, foreclosures are soaring and the overall economic outlook is bleak,” he says. “Companies are responding by cutting back IT budgets and staff.”

But IT security staff shouldn’t be lumped in with those cuts, Rothke says. For one thing, he points out that insiders are one of the most serious security threats a company faces – and that includes disgruntled former employees. With all of the cost cutting and layoffs, information security is one area that can’t afford to be cut.

“It is at times like these where more information security is actually needed to handle the rise in incidents,” he says. “Having a reduced staff only raises the probability that such incidents will be overlooked or not handled until the damage is done.”

Instead, Rothke says companies need to consider security in the same way they think about the heating in their building – it’s an integral part of the work environment, and cutting it is non-negotiable.

“Pragmatic organizations, especially those within the financial services sector, are battle tested enough to know that cutting back on information security is imprudent,” he says. “Organizations that follow their lead won’t suffer the inevitable outcome of those that are shortsighted enough to pursue a short-term cost savings by cutting their information security staffs.”