Your Cybersecurity Program is a Horse's Behind

For decades, I've been arguing that the biggest problem in cybersecurity is that cybersecurity gets the budget it deserves, not the budgets it needs, and practitioners need to learn how to get the budgets that they need. Without being able to get the required budget, cybersecurity programs can't be responsive to evolving threats. But by applying machine learning, cyber risk quantification, and a variety of other disciplines (beyond treating them like buzzwords), cybersecurity programs can learn to use the same strategies employed by other disciplines within an organization to cost justify their budget requirements. This presentation will walk through budgeting processes and then show how to apply the appropriate disciplines to properly justify their budgets.

Ira Winkler
Ira Winkler, CISSP, is CISO of CYE Security and Director of the Human Security Engineering Consortium. He authored the books, You “Can Stop Stupid” and “Security Awareness for Dummies”, and is considered one of the world’s most influential security professionals. Ira was named “The Awareness Crusader” by CSO Magazine in receiving their CSO COMPASS Award. Most recently, he was named 2021 Top Cybersecurity Leader by Security Magazine. He has designed, implemented, and supported security awareness programs at organizations in all industries around the world. Ira began his career at the National Security Agency, where he served as an Intelligence and Computer Systems Analyst. He has since served in other positions supporting the cybersecurity programs in organizations of all sizes.