The current crisis caused by the coronavirus has unfortunately taken a toll on the state of the economy, and information security professionals must be prepared. In many cases, information security program (infosec) budgets will be reduced. Security leaders must plan for the possibility of cuts and proactively strategize on how they can continue to lead an effective and successful infosec program. This is especially critical considering U.S. security agencies have warned that the frequency and severity of COVID-19-related cyberattacks are expected to continue to increase over the coming weeks and months.
Today's challenging reality presents an opportunity for CISO’s to reevaluate the economics and efficiencies of their current infosec program. To do so, CISO’s must narrow their focus on maximizing their return on investments and shift to a risk-based prioritization strategy.