Crowe cybersecurity professionals discuss what’s next for CISOs.
The COVID-19 pandemic has presented several challenges to organizations, including responding to the pandemic, maintaining business continuity management, securing home networks, and dealing with email-based attacks. As the economy begins to reopen, executives responsible for information security and cybersecurity risk management are encountering dramatic new challenges.
Crowe recently gathered a panel of its leading information security professionals and asked them to offer their observations and insights into the priorities that chief information security officers (CISOs) will need to address during the recovery. The panelists included Mike Del Giudice, Sekhara Gudipati, Jared Hamilton, Dave McKnight, Lucas Morris, and Chris Wilkinson.
Q: Let’s begin with a broad overview. Many businesses and public sector organizations alike are struggling with severe revenue shortfalls, which are likely to result in tighter budgets for all areas including cybersecurity. How are these cuts manifesting themselves? What are you seeing?
Mike Del Giudice, Principal, Consulting: Well, clearly the effects vary by industry. For example, in my work with information security and data privacy for the public sector, clients have serious concerns about revenue shortfalls due to high unemployment and drastically lower tax revenues. But tax revenues always show up in arrears, so for tax-supported organizations, the budget crunches in IT and cybersecurity are likely to come in the next budget cycles, such as late 2020 and 2021.
Other organizations, such as educational institutions, are already encountering challenges because they must address financial pressures such as refunds for students whose classes were canceled or moved online. In the same way, some not-for-profit organizations are dealing with immediate shortfalls due to suspended operations, but others are actually experiencing record levels of donations and contributions, depending on their mission.