{"id":68361,"date":"2023-06-26T14:59:24","date_gmt":"2023-06-26T06:59:24","guid":{"rendered":"https:\/\/version-2.com\/?p=68361"},"modified":"2023-06-26T15:14:18","modified_gmt":"2023-06-26T07:14:18","slug":"best-practices-on-cybersecurity-budget-allocation-a-research-based-guide","status":"publish","type":"post","link":"https:\/\/version-2.com\/en\/2023\/06\/best-practices-on-cybersecurity-budget-allocation-a-research-based-guide\/","title":{"rendered":"Best practices on cybersecurity budget allocation: a research-based guide"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"68361\" class=\"elementor elementor-68361\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-35fe5dd post-content elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"35fe5dd\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;cef08c3&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-409a2e9a\" data-id=\"409a2e9a\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5a8be8f elementor-widget elementor-widget-text-editor\" data-id=\"5a8be8f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/6ZurqqWKU1zloyUh6yeU1M\/bdb0322b7ad1a1d4bd560998dc1666ad\/Cybersecurity_budget_research_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\" width=\"1400\" height=\"800\" \/>\n<div class=\"nord-col lg:col-8 lg:offset-1 break-words mt-5 text-grey-shuttle\"><article>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Building a cybersecurity strategy is challenging. It requires more than just technical knowledge and managerial skills but also demands financial resources.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Business budgeting tendencies show that cybersecurity investments receive only a small part of the allocated IT budget. Cybersecurity funds must be distributed wisely to ensure valuable outcomes, prove the chosen security direction effective and minimize resources\u2019 waste.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">The main challenge is how to achieve effective security spending. How much should businesses allocate to cybersecurity, and what factors like company size or maturity does it depend on?<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">According to <a class=\"hyperlink Link Link--blue-dodger font-medium\" href=\"https:\/\/www.statista.com\/statistics\/790834\/spending-global-security-technology-and-services-market-by-segment\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Statista<\/a>, information security investments in different categories continuously grow. <strong>Projections for 2024 indicate worldwide spending on information security will double compared to 2017<\/strong>.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">The trend confirms the necessity of considerable cybersecurity funding. To understand it better, let\u2019s dive into research-based data on how businesses of different sizes and cybersecurity maturity distribute their allocated budgets.<\/p>\n\n<h2 id=\"research-methodology\" class=\"Heading Heading-h2 text-dark-blue\">Research methodology<\/h2>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">NordLayer surveyed 500 non-governmental organizations across Canada, the United Kingdom, and the United States. An external agency conducted the surveys between March 15 and 25, 2023.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Industries and subindustries represented in the research include business management and support services, e-commerce, education, finance and insurance, health care, information and communication, IT, professional and technical services, and consulting.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">The survey explored the organizations\u2019 cybersecurity maturity level (Beginner, Basic, and Advanced), their cybersecurity solutions, and the presence of an in-house specialist or responsible department. It also included questions about cyber incident costs and allocated budgeting for IT and security in the period of 2022-2023.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Companies were segmented by size:<\/p>\n\n<ul class=\"list\">\n \t<li class=\"ml-4 pl-4\">\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Small companies: 1-10 employees.<\/p>\n<\/li>\n \t<li class=\"ml-4 pl-4\">\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Medium companies: 11-200 employees.<\/p>\n<\/li>\n \t<li class=\"ml-4 pl-4\">\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Large companies: 201+ employees.<\/p>\n<\/li>\n<\/ul>\n<h2 id=\"cybersecurity-landscape-and-the-importance-of-budgeting\" class=\"Heading Heading-h2 text-dark-blue\">Cybersecurity landscape and the importance of budgeting<\/h2>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">The mantra \u201ccybersecurity keeps evolving, so do cyber threats\u201d remains relevant today, emphasizing the need for strengthening business protection measures. As the significance of different types of attacks shifts, mitigating one risk at a time is not a practical solution.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">For instance, just last year, <a class=\"hyperlink Link Link--blue-dodger font-medium\" href=\"\/en\/blog\/top-cybersecurity-trends-for-2022\/\">ransomware attacks<\/a> held the top position on the threats list, alerting everyone to stay vigilant. This year, according to <a class=\"hyperlink Link Link--blue-dodger font-medium\" href=\"https:\/\/www.statista.com\/statistics\/1300557\/threat-outlook-by-reportable-incidents\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Statista<\/a>, the threat outlook for global companies highlights <strong>business email compromise and\/or account takeovers (33%) as the most prominent cyber risk <\/strong>surpassing ransomware (32%).<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Choosing comprehensive cybersecurity tools and solutions helps to achieve the flexibility needed to adapt to dynamic technological and risk change. A sufficient budget is key, so let\u2019s explore how much companies of all sizes invest in building their cybersecurity strategies.<\/p>\n\n<h2 id=\"understanding-the-context-of-digital-attacks\" class=\"Heading Heading-h2 text-dark-blue\">Understanding the context of digital attacks<\/h2>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Data speaks volumes, so let\u2019s begin by analyzing the culprit behind the need for cybersecurity investments. The survey asked companies about any cyber incidents they encountered in 2022.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">The list of top 10 cyberattacks starts with <strong>phishing (39%)<\/strong> and <strong>malware (34%)<\/strong> attacks firmly holding the first two positions. Despite an intense background of cyber incidents, nearly <strong>one-fifth of the companies surveyed didn\u2019t encounter any accidents<\/strong> related to digital threats.<\/p>\n\n<div class=\"gatsby-image-wrapper\" data-gatsby-image-wrapper=\"\">\n\n<img decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/6AXxf4lvACK52rksmsvkkl\/d2eac127b132878651286b1b87c20fe6\/Top_cyber_incidents_encountered_in_2022_web_1400x836.png?w=1400&amp;h=836&amp;q=50&amp;fm=webp\" width=\"1400\" height=\"836\" \/>\n\n<picture>Interestingly, <\/picture><strong>ransomware<\/strong><picture>, one of the most menacing threats recently,<\/picture><strong> appears in the last place (16%)<\/strong><picture> on the list, demonstrating how unpredictable and dynamic the nature of the cybersecurity landscape is. Please note that the frequency of a cyber incident doesn\u2019t necessarily indicate the scale of damage inflicted.\u00a0<\/picture>\n\n<\/div>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">The scope and type of cyber incidents may depend on a company\u2019s size or the cybersecurity maturity of an organization.<\/p>\n\n<h3 class=\"Heading Heading-h3 text-dark-blue\">Correlation between cyber incidents and company size<\/h3>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Organizational size usually is misinterpreted in evaluating the likelihood of a cyberattack. Small companies tend to argue they lack valuable assets of interest to malicious actors, requiring less protection.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">However, from the first glance at the research data, the trend confirms that <strong>medium and large companies are exposed to cyber incidents more often<\/strong>. While 42% of small companies claim they didn\u2019t encounter any cyber incidents in 2022, it accounts for less than half of them.<\/p>\n\n<div class=\"gatsby-image-wrapper\" data-gatsby-image-wrapper=\"\">\n\n<img decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/69K2vymFE79dnmyYadenfk\/64ed082d95762aca102a3346b30dc9b9\/Organization_size_x_cyber_attack_frequency_1400x898.png?w=1400&amp;h=898&amp;q=50&amp;fm=webp\" width=\"1400\" height=\"898\" \/>\n\n<picture>We observe that insider threats and social engineering attacks are much rarer for small businesses, while data breaches or leaked passwords are more common issues. But <\/picture><strong>phishing attacks (39%)<\/strong><picture> on our list of cyber incidents <\/picture><strong>are equally prevalent across all-sized companies<\/strong><picture>.\u00a0<\/picture>\n\n<\/div>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Large enterprises tend to suffer from malware (43%), social engineering (30%), and insider threats (29%). Compared with the other two categories, medium-sized businesses were exposed most to data breaches (34%) and DDos\/DoS attacks (27%).<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">However, identity theft (27%), compromised\/leaked passwords (23%), and ransomware (19%) impact companies with either 11 employees or 201+ to a similar extent.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">It\u2019s important not to forget that <strong>size doesn\u2019t make one immune<\/strong>. Only the form and approach of malicious actors can differ. Frequency is only one of the aspects to consider when analyzing the intensity of attacks but not the overall impact on business continuity.<\/p>\n\n<h3 class=\"Heading Heading-h3 text-dark-blue\">Cyber preparedness as digital threat prevention<\/h3>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Company size is more of a predetermined factor rather than an easily controllable aspect of the business. Conversely, cyber preparedness is a decision-based measure of whether an organization invests and focuses on cybersecurity awareness.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Interestingly, higher cyber frequency of attacks is recorded for companies with advanced cybersecurity preparedness. Why is that? A few possible reasons explain this trend.<\/p>\n\n<div class=\"gatsby-image-wrapper\" data-gatsby-image-wrapper=\"\">\n\n<img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/4OS1SF2QbCEKfVftldspHN\/edea973ec92bb497d5bb476466ef39d4\/Cybersecurity_maturity_level_x_cyber_attack_frequency_1400x898.png?w=1400&amp;h=898&amp;q=50&amp;fm=webp\" width=\"1400\" height=\"898\" \/>\n\n<picture>Cybersecurity maturity is tightly connected with the complexities of creating, providing, and maintaining services and\/or products within a company. It also relates to business nature, the processing of sensitive data, and active online presence.\u00a0<\/picture>\n\n<\/div>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Companies with a cybersecurity awareness mindset are <strong>more likely to assess the risks <\/strong>they face. To mitigate identified risks, security managers implement solutions to prevent, detect, or proactively hunt threats. Monitoring provides explicit data on cyber events or existing breaches, implying that<strong> organizations at the basic and beginner level of cyber maturity are less aware<\/strong> of what\u2019s happening under the hood.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Digital advancements increase the attack surface of a company. Factors such as zero-day vulnerabilities, lack of sufficient resources, and incompatible effectiveness of cybersecurity strategy can lead to a higher frequency of cyber attacks, particularly when outsourced services and vendors introduce third-party dependency.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Adversary motivation is common to most malicious actors. These attacks are often based on financial gain or political ideology, but some attackers simply seek the thrill of a challenge. Less cyber-advanced and protected companies are <strong>an easy catch<\/strong>, making them suitable for training grounds for attackers compared to more well-protected and globally known companies.<\/p>\n<img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3CKLKhFVQL6pBB1klPcpO3\/1ff752f7ddf1b07e88878d0300f00a7d\/Cybersecurity_maturity_level_x_cyber_attack_frequency_2nd_scheme_1400x705.png?w=1400&amp;h=705&amp;q=50&amp;fm=webp\" width=\"1400\" height=\"705\" \/>\n<div class=\"gatsby-image-wrapper\" data-gatsby-image-wrapper=\"\">\n\n<noscript><br data-mce-bogus=\"1\"><\/noscript><noscript><br data-mce-bogus=\"1\"><\/noscript><noscript><picture><source type=\"image\/webp\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3CKLKhFVQL6pBB1klPcpO3\/1ff752f7ddf1b07e88878d0300f00a7d\/Cybersecurity_maturity_level_x_cyber_attack_frequency_2nd_scheme_1400x705.png?w=750&amp;h=378&amp;q=50&amp;fm=webp 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/3CKLKhFVQL6pBB1klPcpO3\/1ff752f7ddf1b07e88878d0300f00a7d\/Cybersecurity_maturity_level_x_cyber_attack_frequency_2nd_scheme_1400x705.png?w=1080&amp;h=544&amp;q=50&amp;fm=webp 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/3CKLKhFVQL6pBB1klPcpO3\/1ff752f7ddf1b07e88878d0300f00a7d\/Cybersecurity_maturity_level_x_cyber_attack_frequency_2nd_scheme_1400x705.png?w=1366&amp;h=688&amp;q=50&amp;fm=webp 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/3CKLKhFVQL6pBB1klPcpO3\/1ff752f7ddf1b07e88878d0300f00a7d\/Cybersecurity_maturity_level_x_cyber_attack_frequency_2nd_scheme_1400x705.png?w=1400&amp;h=705&amp;q=50&amp;fm=webp 1400w\" sizes=\"100vw\"\/><img title=\"Cybersecurity maturity level x cyber attack frequency 2nd scheme\" width=\"1\" height=\"0.5035714285714286\" data-main-image=\"\" style=\"object-fit:cover;opacity:0\" sizes=\"auto, 100vw\" decoding=\"async\" loading=\"lazy\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3CKLKhFVQL6pBB1klPcpO3\/1ff752f7ddf1b07e88878d0300f00a7d\/Cybersecurity_maturity_level_x_cyber_attack_frequency_2nd_scheme_1400x705.png?w=1400&amp;h=705&amp;q=50&amp;fm=png\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3CKLKhFVQL6pBB1klPcpO3\/1ff752f7ddf1b07e88878d0300f00a7d\/Cybersecurity_maturity_level_x_cyber_attack_frequency_2nd_scheme_1400x705.png?w=750&amp;h=378&amp;q=50&amp;fm=png 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/3CKLKhFVQL6pBB1klPcpO3\/1ff752f7ddf1b07e88878d0300f00a7d\/Cybersecurity_maturity_level_x_cyber_attack_frequency_2nd_scheme_1400x705.png?w=1080&amp;h=544&amp;q=50&amp;fm=png 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/3CKLKhFVQL6pBB1klPcpO3\/1ff752f7ddf1b07e88878d0300f00a7d\/Cybersecurity_maturity_level_x_cyber_attack_frequency_2nd_scheme_1400x705.png?w=1366&amp;h=688&amp;q=50&amp;fm=png 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/3CKLKhFVQL6pBB1klPcpO3\/1ff752f7ddf1b07e88878d0300f00a7d\/Cybersecurity_maturity_level_x_cyber_attack_frequency_2nd_scheme_1400x705.png?w=1400&amp;h=705&amp;q=50&amp;fm=png 1400w\" alt=\"Cybersecurity maturity level x cyber attack frequency 2nd scheme\"\/><\/picture><\/noscript>\n\n<\/div>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Taking a closer look at the comparison between organization size, cybersecurity maturity level, and the frequency of cyber incidents<strong> reveals no distinct deviations<\/strong>.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">The main insights imply a weak correlation between insider threats and cybersecurity preparedness levels, while the size of an organization doesn\u2019t seem to impact the frequency of data breaches and identity theft.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Despite the size or cybersecurity maturity, businesses depend on the industry dynamics and the services and data they operate on. The <strong>human factor, <\/strong>whether as an internal threat or attacker motivation, is purely a wild card in the context of the cybersecurity <strong>landscape<\/strong>, irrespective of the company\u2019s size or preparedness.<\/p>\n\n<h3 class=\"Heading Heading-h3 text-dark-blue\">Real-life scenario: damage incurred to LinkedIn scam victim companies<\/h3>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Let\u2019s take a real-life example to see how LinkedIn scams, common online threats, affect businesses. The critical part is assessing the inflicted damage and exploring what measures can help prevent such risks.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">A <a class=\"hyperlink Link Link--blue-dodger font-medium\" href=\"\/en\/blog\/linkedin-scams\/\">LinkedIn scam<\/a> or fake profile aims to gain illicit funds, either through direct transactions or by gathering personal information that can be used to build a pretext for receiving money. Naturally, the question is, <strong>how much do businesses lose in such attacks?<\/strong><\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Comparing the damages suffered according to company size, <strong>tendencies show that all companies are at risk<\/strong>. Small businesses are the least affected (12%), and medium-sized and large enterprises have to pay the price more often \u2014 22% and 24%, respectively.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Financial damages vary from losses of up to 5,000 in local currency for 33% of companies to 10,000 in local currency for 16% of surveyed companies. These numbers should be considered high as <strong>a fifth of respondents <\/strong>could not disclose information regarding their financial losses.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Regarding cybersecurity maturity level, losses increase accordingly<\/strong> \u2014 15% of beginner-level enterprises suffer from financial damage, while 19% of basic-level and 24% of advanced-level companies have declared experiencing expenses.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Does it mean that the more prominent and cybersecurity-developed company, the more risks it is exposed to? Not necessarily, as cyber-ready companies tend to allocate a portion of their budget to IT, particularly when improving their cybersecurity infrastructure.<\/p>\n\n<h2 id=\"research-findings-on-cybersecurity-budgeting\" class=\"Heading Heading-h2 text-dark-blue\">Research findings on cybersecurity budgeting<\/h2>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Budgeting is an abstract and not clearly defined practice that could be followed by pre-defined recommendations to guarantee success. But it is an important part of business planning, although seen differently by organizations.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Research on cybersecurity budget allocations revealed insights into how enterprises of various sizes approach the same challenges. The following findings are based on overall data, considering company size, cybersecurity maturity, and country unless indicated otherwise.<\/p>\n\n<h3 class=\"Heading Heading-h3 text-dark-blue\">Budget allocation to IT needs and cybersecurity<\/h3>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">IT and cybersecurity budgeting are two different segments of financing. The IT covers overall technology investments, including hardware, software, personnel, and cybersecurity. As cybersecurity is just a fraction of the grand scheme, it explains why budgets can be <strong>tight and sometimes even non-existent<\/strong>.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">In 2022, over <strong>90% of companies<\/strong> distributed some of their budgets to IT needs. Most companies allocated up to 50% of their financial resources, while <strong>only 1% of respondents put all their money into IT spending<\/strong>.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/5uzdr1M4mgL5NvNq2IglFj\/cb5dc040be62919fc2d8becde63ac89c\/Budget_allocation_to_IT___cybersecurity_in_2022_web_1400x897.png?w=1400&amp;h=897&amp;q=50&amp;fm=webp\" width=\"1400\" height=\"897\" \/><img decoding=\"async\" style=\"object-fit: cover; opacity: 0;\" title=\"Budget allocation to IT cybersecurity in 2022 \" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/5uzdr1M4mgL5NvNq2IglFj\/cb5dc040be62919fc2d8becde63ac89c\/Budget_allocation_to_IT___cybersecurity_in_2022_web_1400x897.png?w=1400&amp;h=897&amp;q=50&amp;fm=png\" sizes=\"100vw\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/5uzdr1M4mgL5NvNq2IglFj\/cb5dc040be62919fc2d8becde63ac89c\/Budget_allocation_to_IT___cybersecurity_in_2022_web_1400x897.png?w=750&amp;h=481&amp;q=50&amp;fm=png 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/5uzdr1M4mgL5NvNq2IglFj\/cb5dc040be62919fc2d8becde63ac89c\/Budget_allocation_to_IT___cybersecurity_in_2022_web_1400x897.png?w=1080&amp;h=692&amp;q=50&amp;fm=png 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/5uzdr1M4mgL5NvNq2IglFj\/cb5dc040be62919fc2d8becde63ac89c\/Budget_allocation_to_IT___cybersecurity_in_2022_web_1400x897.png?w=1366&amp;h=875&amp;q=50&amp;fm=png 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/5uzdr1M4mgL5NvNq2IglFj\/cb5dc040be62919fc2d8becde63ac89c\/Budget_allocation_to_IT___cybersecurity_in_2022_web_1400x897.png?w=1400&amp;h=897&amp;q=50&amp;fm=png 1400w\" alt=\"Budget allocation to IT cybersecurity in 2022 \" width=\"1\" height=\"0.6407142857142857\" data-main-image=\"\" \/><\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Finances allocated directly to cybersecurity spending (besides hardware and software investments) accounted for 84% of received funds in 2022. However, 10% of companies either didn\u2019t find it relevant or had to shift their investing priorities away from cybersecurity. Nearly<strong> one-fifth of organizations allocated up to 30% of their funds to digital security<\/strong>.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Half of the small companies mainly invest up to 20% of their budget in upgrading their IT infrastructure. The same tendency appears for beginner cybersecurity maturity-level companies. 14% of small companies and 18% of beginner cybersecurity maturity level organizations chose not to invest in IT needs, while 26% and 31% of these companies did not invest in cybersecurity at all.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">On the other hand, large enterprises and advanced cybersecurity maturity level companies tend to allocate more funds to IT, similar to medium-sized companies and basic cyber preparedness level organizations. Large and medium enterprises tended to allocate at least a portion of their budgets to cybersecurity strategy upgrades during the year.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">In 2023, the trend shows that<strong> fewer companies (88%) distributed company funds to IT needs.<\/strong> Some organizations redistributed their funds to other departments, excluding IT or cybersecurity.<\/p>\n\n<div class=\"gatsby-image-wrapper\" data-gatsby-image-wrapper=\"\">\n\n<img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/6V5K17BCpNJvakbmuB0oE1\/5c3d7d6e7b8c10417f054d2edf8b4a87\/Budget_allocation_to_IT___cybersecurity_in_2023_web_1400x897.png?w=1400&amp;h=897&amp;q=50&amp;fm=webp\" width=\"1400\" height=\"897\" \/>\n\n<picture>Small and beginner-level cybersecurity maturity companies maintain the <\/picture><strong>trend of investing as little as possible<\/strong><picture> in IT and cybersecurity. In 2023, 16% of small-sized businesses and 19% of Beginner-level companies didn\u2019t allocate funds to IT, which is a negative trend compared to 2022. Yet, 23% of small businesses and 28% of beginner-level companies skipped funding cybersecurity, a decrease compared to last year.\u00a0<\/picture>\n\n<\/div>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">This leads to the conclusion that although small and unadvanced companies allocate fewer funds to IT, they<strong> prioritize cybersecurity to a greater extent<\/strong>.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Medium-sized companies, on average, spend almost 30% of their available budget on IT in 2022. However, this <strong>allocation changed to 23% in 2023.<\/strong> Basic cybersecurity maturity level companies maintained a balance of 21-27% of IT funding in the last two years, with a growing tendency. Similar trends can be observed in cybersecurity investments for the same category of organizations.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Large and advanced cybersecurity maturity companies demonstrate stability, <strong>consistently allocating an average of 24% of funds<\/strong> designated to IT or cybersecurity needs in 2022-2023.<\/p>\n\n<h3 class=\"Heading Heading-h3 text-dark-blue\">Investment trends for cyber threats management<\/h3>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Risk assessments and mitigation dictate the cybersecurity strategy of an organization. The strategy is built on security policies, tools, and solutions to implement measures that address the established business protection needs.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">The cybersecurity strategy is a process that needs to be monitored, adjusted, and improved for better results. As mentioned earlier, the necessity for flexibility comes from ever-evolving digital environments.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">We asked companies which solutions and services they use and what is their future investment focus in cybersecurity.<\/p>\n\n<div class=\"gatsby-image-wrapper\" data-gatsby-image-wrapper=\"\">\n\n<img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/20QJeWfHJRNPpM50F98RoQ\/a58369219f00c4cccd06267646c3589d\/Cybersecurity_tools___solutions_used_in_organizations_web_1400x744.png?w=1400&amp;h=744&amp;q=50&amp;fm=webp\" width=\"1400\" height=\"744\" \/>\n\n<picture>The list of implemented tools and solutions reveals that companies combine different measures to achieve security. Almost<\/picture><strong> 4 out of 5 companies <\/strong><picture>utilize antivirus software (79%). Secure passwords (65%) and file encryption (64%) are the second-highest priority when creating security policies within organizations.<\/picture>\n\n<\/div>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Virtual Private Networks (VPNs) maintain their popularity <\/strong>in securing organization network connections, with over half (59%) of companies using them. Cyber insurance (45%) is a relatively new solution making its way to business cybersecurity, although its focus is on covering the consequences of an incident rather than preventing it.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Spending on cybersecurity solutions, services, and applications will <strong>continue to be a priority <\/strong>(59%) in the 2023 budgets. Raising awareness within organizations is as important as companies providing cybersecurity training and increasing dedicated staff for cybersecurity questions.<\/p>\n<img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/1iqWTk5rWgb3ZHJ06HpKNF\/11623d56084f6d8e13445a0bf972b3b0\/Projected_cybersecurity_investments_for_2023_web_1400x891.png?w=1400&amp;h=891&amp;q=50&amp;fm=webp\" width=\"1400\" height=\"891\" \/>\n<div class=\"gatsby-image-wrapper\" data-gatsby-image-wrapper=\"\">\n\n<noscript><br data-mce-bogus=\"1\"><\/noscript><noscript><br data-mce-bogus=\"1\"><\/noscript><noscript><picture><source type=\"image\/webp\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/1iqWTk5rWgb3ZHJ06HpKNF\/11623d56084f6d8e13445a0bf972b3b0\/Projected_cybersecurity_investments_for_2023_web_1400x891.png?w=750&amp;h=477&amp;q=50&amp;fm=webp 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/1iqWTk5rWgb3ZHJ06HpKNF\/11623d56084f6d8e13445a0bf972b3b0\/Projected_cybersecurity_investments_for_2023_web_1400x891.png?w=1080&amp;h=687&amp;q=50&amp;fm=webp 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/1iqWTk5rWgb3ZHJ06HpKNF\/11623d56084f6d8e13445a0bf972b3b0\/Projected_cybersecurity_investments_for_2023_web_1400x891.png?w=1366&amp;h=869&amp;q=50&amp;fm=webp 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/1iqWTk5rWgb3ZHJ06HpKNF\/11623d56084f6d8e13445a0bf972b3b0\/Projected_cybersecurity_investments_for_2023_web_1400x891.png?w=1400&amp;h=891&amp;q=50&amp;fm=webp 1400w\" sizes=\"100vw\"\/><img title=\"Projected cybersecurity investments for 2023\" width=\"1\" height=\"0.6364285714285715\" data-main-image=\"\" style=\"object-fit:cover;opacity:0\" sizes=\"auto, 100vw\" decoding=\"async\" loading=\"lazy\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/1iqWTk5rWgb3ZHJ06HpKNF\/11623d56084f6d8e13445a0bf972b3b0\/Projected_cybersecurity_investments_for_2023_web_1400x891.png?w=1400&amp;h=891&amp;q=50&amp;fm=png\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/1iqWTk5rWgb3ZHJ06HpKNF\/11623d56084f6d8e13445a0bf972b3b0\/Projected_cybersecurity_investments_for_2023_web_1400x891.png?w=750&amp;h=477&amp;q=50&amp;fm=png 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/1iqWTk5rWgb3ZHJ06HpKNF\/11623d56084f6d8e13445a0bf972b3b0\/Projected_cybersecurity_investments_for_2023_web_1400x891.png?w=1080&amp;h=687&amp;q=50&amp;fm=png 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/1iqWTk5rWgb3ZHJ06HpKNF\/11623d56084f6d8e13445a0bf972b3b0\/Projected_cybersecurity_investments_for_2023_web_1400x891.png?w=1366&amp;h=869&amp;q=50&amp;fm=png 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/1iqWTk5rWgb3ZHJ06HpKNF\/11623d56084f6d8e13445a0bf972b3b0\/Projected_cybersecurity_investments_for_2023_web_1400x891.png?w=1400&amp;h=891&amp;q=50&amp;fm=png 1400w\" alt=\"Projected cybersecurity investments for 2023\"\/><\/picture><\/noscript>\n\n<\/div>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Compliance plays an important role in the approach to organizational cybersecurity. <strong>External audits and preparation for standard information security certifications are equally in focus (37%)<\/strong>. However, 17% of respondent companies weren\u2019t able to disclose their plans for cybersecurity budgeting allocation, and 11% said they had no plans for investing in cybersecurity.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">It\u2019s concerning to note that <strong>1 out of 10 companies excluded cybersecurity from their budgeting priorities<\/strong>. 34% of those organizations are at the beginner-level of cybersecurity maturity, and 28% of small-sized businesses. Regarding the country, 8% of companies in the United States, 7% of Canada, and 5% of the United Kingdom companies cut their cybersecurity investments for the ongoing year.<\/p>\n\n<h3 class=\"Heading Heading-h3 text-dark-blue\">Yearly comparison of cybersecurity investments<\/h3>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Plans for 2023 show a slight change but a clear strategy for businesses with advanced cybersecurity maturity. Purchasing <strong>security solutions, services, and\/or applications<\/strong> is the top priority, accounting for 70% of planned costs. In addition, there is a strong focus on <strong>employee education (70%)<\/strong> and increasing <strong>staff for cybersecurity questions (63%)<\/strong>.<\/p>\n\n<div class=\"gatsby-image-wrapper\" data-gatsby-image-wrapper=\"\">\n\n<img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/57HcxBsphOD40E6POmHGWH\/8a88890ed18e1a9db5529e626dd28570\/Cybersecurity_investments_in_2022___2023_1400x837.png?w=1400&amp;h=837&amp;q=50&amp;fm=webp\" width=\"1400\" height=\"837\" \/>\n\n<picture>Attention to organizational preparation for information security certifications grew from 46% in 2022 to 51% in 2023. The data implies that businesses are strengthening their cybersecurity strategies<\/picture><strong> to be more aware and self-sufficient in protecting company assets<\/strong><picture>.<\/picture>\n\n<\/div>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Beginner-level cybersecurity maturity companies fluctuate between 20\u201330% in the same categories. It indicates awareness present with yet too little security spending allocated.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">These companies are smaller, thus easier to manage their scale and exposure to digital threats. For sustainable growth and security, the mindset shift is expected to be cyber-ready for driving large-scale organization protection.<\/p>\n\n<h2 id=\"best-practices-for-developing-cybersecurity-budgets\" class=\"Heading Heading-h2 text-dark-blue\">Best practices for developing cybersecurity budgets<\/h2>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Research revealed that cybersecurity spending depends on different factors. It plays a small yet important part in the overall business lifecycle. Investing in cybersecurity is highly recommended to ensure organizational growth and business continuity.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">To allocate cybersecurity budgets effectively, evaluate all the components influencing costs, decision-making, and further strategy development. This includes staying vigilant and proactive, planning responsibly, reusing resources (talent, tools, processes) sustainably, and aiming for growth.<\/p>\n\n<h3 class=\"Heading Heading-h3 text-dark-blue\">Key takeaways: how to identify, estimate, and prioritize security investments<\/h3>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Survey data shows that some companies invest in cybersecurity generously, while others, especially small businesses, tend to refrain from security funding. Naturally, the reason behind it can be related to limited resources, underdeveloped infrastructure and processes, and l time constraints.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Yet poorly protected businesses suffer harder from a cyber incident. Only luck, not size or brand awareness, influences when and how threat actors will target an organization.<\/p>\n<img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/4pAKdBExuEpLvCAo8p7hzB\/192a04bfc0bcb2d910edb61bd80fb099\/Key_takeaways_1400x808.png?w=1400&amp;h=808&amp;q=50&amp;fm=webp\" width=\"1400\" height=\"808\" \/>\n<div class=\"gatsby-image-wrapper\" data-gatsby-image-wrapper=\"\">\n\n<picture><source srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/4pAKdBExuEpLvCAo8p7hzB\/192a04bfc0bcb2d910edb61bd80fb099\/Key_takeaways_1400x808.png?w=750&amp;h=433&amp;q=50&amp;fm=webp 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/4pAKdBExuEpLvCAo8p7hzB\/192a04bfc0bcb2d910edb61bd80fb099\/Key_takeaways_1400x808.png?w=1080&amp;h=623&amp;q=50&amp;fm=webp 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/4pAKdBExuEpLvCAo8p7hzB\/192a04bfc0bcb2d910edb61bd80fb099\/Key_takeaways_1400x808.png?w=1366&amp;h=788&amp;q=50&amp;fm=webp 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/4pAKdBExuEpLvCAo8p7hzB\/192a04bfc0bcb2d910edb61bd80fb099\/Key_takeaways_1400x808.png?w=1400&amp;h=808&amp;q=50&amp;fm=webp 1400w\" type=\"image\/webp\" sizes=\"100vw\" \/><img decoding=\"async\" style=\"object-fit: cover; opacity: 0;\" title=\"Key takeaways\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/4pAKdBExuEpLvCAo8p7hzB\/192a04bfc0bcb2d910edb61bd80fb099\/Key_takeaways_1400x808.png?w=1400&amp;h=808&amp;q=50&amp;fm=png\" sizes=\"100vw\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/4pAKdBExuEpLvCAo8p7hzB\/192a04bfc0bcb2d910edb61bd80fb099\/Key_takeaways_1400x808.png?w=750&amp;h=433&amp;q=50&amp;fm=png 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/4pAKdBExuEpLvCAo8p7hzB\/192a04bfc0bcb2d910edb61bd80fb099\/Key_takeaways_1400x808.png?w=1080&amp;h=623&amp;q=50&amp;fm=png 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/4pAKdBExuEpLvCAo8p7hzB\/192a04bfc0bcb2d910edb61bd80fb099\/Key_takeaways_1400x808.png?w=1366&amp;h=788&amp;q=50&amp;fm=png 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/4pAKdBExuEpLvCAo8p7hzB\/192a04bfc0bcb2d910edb61bd80fb099\/Key_takeaways_1400x808.png?w=1400&amp;h=808&amp;q=50&amp;fm=png 1400w\" alt=\"Key takeaways\" width=\"1\" height=\"0.5771428571428572\" data-main-image=\"\" \/><\/picture><noscript><picture><source type=\"image\/webp\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/4pAKdBExuEpLvCAo8p7hzB\/192a04bfc0bcb2d910edb61bd80fb099\/Key_takeaways_1400x808.png?w=750&amp;h=433&amp;q=50&amp;fm=webp 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/4pAKdBExuEpLvCAo8p7hzB\/192a04bfc0bcb2d910edb61bd80fb099\/Key_takeaways_1400x808.png?w=1080&amp;h=623&amp;q=50&amp;fm=webp 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/4pAKdBExuEpLvCAo8p7hzB\/192a04bfc0bcb2d910edb61bd80fb099\/Key_takeaways_1400x808.png?w=1366&amp;h=788&amp;q=50&amp;fm=webp 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/4pAKdBExuEpLvCAo8p7hzB\/192a04bfc0bcb2d910edb61bd80fb099\/Key_takeaways_1400x808.png?w=1400&amp;h=808&amp;q=50&amp;fm=webp 1400w\" sizes=\"100vw\"\/><img title=\"Key takeaways\" width=\"1\" height=\"0.5771428571428572\" data-main-image=\"\" style=\"object-fit:cover;opacity:0\" sizes=\"auto, 100vw\" decoding=\"async\" loading=\"lazy\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/4pAKdBExuEpLvCAo8p7hzB\/192a04bfc0bcb2d910edb61bd80fb099\/Key_takeaways_1400x808.png?w=1400&amp;h=808&amp;q=50&amp;fm=png\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/4pAKdBExuEpLvCAo8p7hzB\/192a04bfc0bcb2d910edb61bd80fb099\/Key_takeaways_1400x808.png?w=750&amp;h=433&amp;q=50&amp;fm=png 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/4pAKdBExuEpLvCAo8p7hzB\/192a04bfc0bcb2d910edb61bd80fb099\/Key_takeaways_1400x808.png?w=1080&amp;h=623&amp;q=50&amp;fm=png 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/4pAKdBExuEpLvCAo8p7hzB\/192a04bfc0bcb2d910edb61bd80fb099\/Key_takeaways_1400x808.png?w=1366&amp;h=788&amp;q=50&amp;fm=png 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/4pAKdBExuEpLvCAo8p7hzB\/192a04bfc0bcb2d910edb61bd80fb099\/Key_takeaways_1400x808.png?w=1400&amp;h=808&amp;q=50&amp;fm=png 1400w\" alt=\"Key takeaways\"\/><\/picture><\/noscript>\n\n<\/div>\n<h4 class=\"Heading Heading-h4 text-dark-blue\">1. Acknowledge the change in the cybersecurity landscape<\/h4>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">The first step for all decision-makers in the company, from a Chief Information Security Officer (CISO) to Managing Director, is to be aware of cybersecurity challenges and the vulnerability of their business to cyber threats.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Remember about technology upgrades from hardware to cloud-based environments for more resilience and flexibility. Malicious actors look for security gaps to exploit zero-day vulnerabilities.<\/p>\n\n<h4 class=\"Heading Heading-h4 text-dark-blue\">2. Assess business-affecting risks<\/h4>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">All organizations face the risk of cyber-attacks. Some industries have more red flags than others due to the nature of the data they process. The exposure to cyber threats can vary depending on the type of service or product the organization provides or the company&#8217;s maturity.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Understanding what security risks, threats, and scenarios your business is most exposed to is crucial to assess security measures correctly.<\/p>\n\n<h4 class=\"Heading Heading-h4 text-dark-blue\">3. Investigate internal goals<\/h4>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">First, investigate how the company&#8217;s budgets are allocated to different needs. What are strategic goals and business development objectives to find the place and role of cybersecurity in the organization?<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Examine how the company meets compliance and aligns with stakeholders\u2019 requirements. Are there any plans to seek certification from regulatory compliance providers, such as HIPAA for healthcare providers? Certification is a process that requires dedicated resources and, at the same time, provides guidelines for building a more robust cybersecurity strategy.<\/p>\n\n<h4 class=\"Heading Heading-h4 text-dark-blue\">4. Audit solutions and best practices<\/h4>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Review your security strategy. To some extent, policies, procedures, and tools should already exist unless it\u2019s the very beginning of a company. See what needs improvement and identify what gaps must be addressed as soon as possible.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Are there any processes that could be consolidated or solutions that aren\u2019t used to the fullest? Companies tend to invest in applications \u2013 review what apps are utilized and if they satisfy business and user needs.<\/p>\n\n<h4 class=\"Heading Heading-h4 text-dark-blue\">5. Plan a cybersecurity strategy<\/h4>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Cybersecurity strategy starts from a mindset within the company. The main elements that require continuous investment planning combine:<\/p>\n\n<ul class=\"list\">\n \t<li class=\"ml-4 pl-4\">\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Tools &amp; solutions.<\/p>\n<\/li>\n \t<li class=\"ml-4 pl-4\">\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Employee security training and development.<\/p>\n<\/li>\n \t<li class=\"ml-4 pl-4\">\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Dedicated staff, consultants, and outsourced services.<\/p>\n<\/li>\n \t<li class=\"ml-4 pl-4\">\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Developing backup plans for different threat scenarios to ensure a stable business lifeline.<\/p>\n<\/li>\n<\/ul>\n<h4 class=\"Heading Heading-h4 text-dark-blue\">6. Implement cybersecurity tools and policies<\/h4>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">After evaluating the business needs for security, select solutions and tools that best suit your case. It\u2019s beneficial to have demo calls with vendors and have a trial period to test tool adoption within the organization.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Once chosen, deploy tools, upgrade policies, and onboard the team to the new cybersecurity strategy.<\/p>\n\n<h4 class=\"Heading Heading-h4 text-dark-blue\">7. Review &amp; adapt to business needs<\/h4>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Implementing a solution and introducing new processes doesn\u2019t end your cybersecurity strategy journey. Test, monitor, and confirm its effectiveness. Ongoing monitoring requires a dedicated team to ensure a smooth transition to a new way of working.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Whether your organization chooses to have an in-house or outsourced dedicated cybersecurity staff, it is important to allocate the necessary investments. It is recommended to choose a solution that is sustainable and easy to manage.<\/p>\n\n<h4 class=\"Heading Heading-h4 text-dark-blue\">8. Update &amp; make cybersecurity an ongoing process<\/h4>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Work on new and follow-up business initiatives in accordance with your cybersecurity strategy. Investigate what areas need changing, upgrades, and improvements for another implementation cycle.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Coherent tracking and planning help make next year\u2019s cybersecurity budget easier. It is essential to invest in security training, tools, and dedicated employees in the company and view security as continuous learning and growth.<\/p>\n\n<h2 id=\"following-recommendations-for-cybersecurity-budgeting\" class=\"Heading Heading-h2 text-dark-blue\">Following recommendations for cybersecurity budgeting<\/h2>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Finances and the effective allocation of limited resources is a sensitive and complex topic for any organization manager responsible for business planning. This research sheds light on the industry trends regarding how companies approach cybersecurity funding, which is ultimately connected to digital threat prevention.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">Further investigation and insights are beneficial for informed planning, so explore other materials from NordLayer for a better understanding and planning of the cybersecurity budget:<\/p>\n\n<h3 class=\"Heading Heading-h3 text-dark-blue\">Cost-benefit analysis of cybersecurity spending<\/h3>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">A <a class=\"hyperlink Link Link--blue-dodger font-medium\" href=\"\/en\/blog\/cost-benefit-analysis-of-cybersecurity-spending\/\">comprehensive analysis of cybersecurity costs<\/a> and factors affecting them, benefits of cybersecurity spending, and how to apply it to your organization. In the article, you\u2019ll find more comprehensive information on specific solutions and tools, security spending projections on dedicated cybersecurity staff, and other nuances influencing the cybersecurity strategy.<\/p>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">The study helps better understand the subject and find convincing arguments for discussions with other decision-makers.<\/p>\n\n<h3 class=\"Heading Heading-h3 text-dark-blue\">Decision Maker\u2019s Kit<\/h3>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">This <a class=\"hyperlink Link Link--blue-dodger font-medium\" href=\"\/en\/decision-makers-kit\/\">content support platform<\/a> is dedicated to assisting decision-makers in choosing, explaining, and onboarding their selected cybersecurity solution within their organization. From strategical to explanatory materials, prepared templates, and documentation, the platform provides a better perspective on what\u2019s required and expected when building a cybersecurity strategy for a business.<\/p>\n\n<h3 class=\"Heading Heading-h3 text-dark-blue\">Projections on security budgeting for 2023<\/h3>\n<p class=\"my-4 blog-paragraph text-still-dark-blue\">An <a class=\"hyperlink Link Link--blue-dodger font-medium\" href=\"\/en\/blog\/2023-budgeting-and-cybersecurity\/\">overview of how much companies plan to allocate to cybersecurity in 2023<\/a>, considering different factors. The article covers building a budgeting strategy, assessing the expense gap, and exploring investment alternatives such as the cost of a data breach.<\/p>\n\n<\/article><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2004c86 elementor-widget elementor-widget-shortcode\" data-id=\"2004c86\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"63561\" class=\"elementor elementor-63561\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-1b6aa2c4 elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"1b6aa2c4\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1b283ee5\" data-id=\"1b283ee5\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4e466f1a elementor-widget elementor-widget-text-editor\" data-id=\"4e466f1a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>About NordLayer<br \/><\/strong>NordLayer is an adaptive network access security solution for modern businesses \u2013 from the world\u2019s most trusted cybersecurity brand, Nord Security.<\/p><p>The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>Building a cybersecurity strategy is challenging. It re [&hellip;]<\/p>","protected":false},"author":149011790,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[973,1075,1130,61],"tags":[974,1076,1132],"class_list":["post-68361","post","type-post","status-publish","format-standard","hentry","category-nord-security","category-year2023","category-nordlayer","category-press-release","tag-nord-security","tag-1076","tag-nordlayer"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Best practices on cybersecurity budget allocation: a research-based guide - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/nordlayer.com\/blog\/best-practices-cybersecurity-budget-research-guide\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Best practices on cybersecurity budget allocation: a research-based guide - Version 2\" \/>\n<meta property=\"og:description\" content=\"Building a cybersecurity strategy is challenging. It re [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nordlayer.com\/blog\/best-practices-cybersecurity-budget-research-guide\/\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2023-06-26T06:59:24+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-06-26T07:14:18+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/images.ctfassets.net\/5natoedl294r\/6ZurqqWKU1zloyUh6yeU1M\/bdb0322b7ad1a1d4bd560998dc1666ad\/Cybersecurity_budget_research_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\" \/>\n<meta name=\"author\" content=\"tracylamv2\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"tracylamv2\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"20 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/best-practices-cybersecurity-budget-research-guide\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2023\\\/06\\\/best-practices-on-cybersecurity-budget-allocation-a-research-based-guide\\\/\"},\"author\":{\"name\":\"tracylamv2\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\"},\"headline\":\"Best practices on cybersecurity budget allocation: a research-based guide\",\"datePublished\":\"2023-06-26T06:59:24+00:00\",\"dateModified\":\"2023-06-26T07:14:18+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2023\\\/06\\\/best-practices-on-cybersecurity-budget-allocation-a-research-based-guide\\\/\"},\"wordCount\":3232,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/best-practices-cybersecurity-budget-research-guide\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/images.ctfassets.net\\\/5natoedl294r\\\/6ZurqqWKU1zloyUh6yeU1M\\\/bdb0322b7ad1a1d4bd560998dc1666ad\\\/Cybersecurity_budget_research_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\",\"keywords\":[\"Nord Security\",\"2023\",\"NordLayer\"],\"articleSection\":[\"Nord Security\",\"2023\",\"NordLayer\",\"Press Release\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/nordlayer.com\\\/blog\\\/best-practices-cybersecurity-budget-research-guide\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2023\\\/06\\\/best-practices-on-cybersecurity-budget-allocation-a-research-based-guide\\\/\",\"url\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/best-practices-cybersecurity-budget-research-guide\\\/\",\"name\":\"Best practices on cybersecurity budget allocation: a research-based guide - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/best-practices-cybersecurity-budget-research-guide\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/best-practices-cybersecurity-budget-research-guide\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/images.ctfassets.net\\\/5natoedl294r\\\/6ZurqqWKU1zloyUh6yeU1M\\\/bdb0322b7ad1a1d4bd560998dc1666ad\\\/Cybersecurity_budget_research_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\",\"datePublished\":\"2023-06-26T06:59:24+00:00\",\"dateModified\":\"2023-06-26T07:14:18+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/best-practices-cybersecurity-budget-research-guide\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/nordlayer.com\\\/blog\\\/best-practices-cybersecurity-budget-research-guide\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/best-practices-cybersecurity-budget-research-guide\\\/#primaryimage\",\"url\":\"https:\\\/\\\/images.ctfassets.net\\\/5natoedl294r\\\/6ZurqqWKU1zloyUh6yeU1M\\\/bdb0322b7ad1a1d4bd560998dc1666ad\\\/Cybersecurity_budget_research_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\",\"contentUrl\":\"https:\\\/\\\/images.ctfassets.net\\\/5natoedl294r\\\/6ZurqqWKU1zloyUh6yeU1M\\\/bdb0322b7ad1a1d4bd560998dc1666ad\\\/Cybersecurity_budget_research_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/best-practices-cybersecurity-budget-research-guide\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Best practices on cybersecurity budget allocation: a research-based guide\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\",\"name\":\"tracylamv2\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"caption\":\"tracylamv2\"},\"url\":\"https:\\\/\\\/version-2.com\\\/en\\\/author\\\/tracylamv2\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Best practices on cybersecurity budget allocation: a research-based guide - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/nordlayer.com\/blog\/best-practices-cybersecurity-budget-research-guide\/","og_locale":"en_US","og_type":"article","og_title":"Best practices on cybersecurity budget allocation: a research-based guide - Version 2","og_description":"Building a cybersecurity strategy is challenging. It re [&hellip;]","og_url":"https:\/\/nordlayer.com\/blog\/best-practices-cybersecurity-budget-research-guide\/","og_site_name":"Version 2","article_published_time":"2023-06-26T06:59:24+00:00","article_modified_time":"2023-06-26T07:14:18+00:00","og_image":[{"url":"https:\/\/images.ctfassets.net\/5natoedl294r\/6ZurqqWKU1zloyUh6yeU1M\/bdb0322b7ad1a1d4bd560998dc1666ad\/Cybersecurity_budget_research_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp","type":"","width":"","height":""}],"author":"tracylamv2","twitter_card":"summary_large_image","twitter_misc":{"Written by":"tracylamv2","Est. reading time":"20 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/nordlayer.com\/blog\/best-practices-cybersecurity-budget-research-guide\/#article","isPartOf":{"@id":"https:\/\/version-2.com\/2023\/06\/best-practices-on-cybersecurity-budget-allocation-a-research-based-guide\/"},"author":{"name":"tracylamv2","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365"},"headline":"Best practices on cybersecurity budget allocation: a research-based guide","datePublished":"2023-06-26T06:59:24+00:00","dateModified":"2023-06-26T07:14:18+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2023\/06\/best-practices-on-cybersecurity-budget-allocation-a-research-based-guide\/"},"wordCount":3232,"commentCount":0,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/nordlayer.com\/blog\/best-practices-cybersecurity-budget-research-guide\/#primaryimage"},"thumbnailUrl":"https:\/\/images.ctfassets.net\/5natoedl294r\/6ZurqqWKU1zloyUh6yeU1M\/bdb0322b7ad1a1d4bd560998dc1666ad\/Cybersecurity_budget_research_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp","keywords":["Nord Security","2023","NordLayer"],"articleSection":["Nord Security","2023","NordLayer","Press Release"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/nordlayer.com\/blog\/best-practices-cybersecurity-budget-research-guide\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2023\/06\/best-practices-on-cybersecurity-budget-allocation-a-research-based-guide\/","url":"https:\/\/nordlayer.com\/blog\/best-practices-cybersecurity-budget-research-guide\/","name":"Best practices on cybersecurity budget allocation: a research-based guide - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nordlayer.com\/blog\/best-practices-cybersecurity-budget-research-guide\/#primaryimage"},"image":{"@id":"https:\/\/nordlayer.com\/blog\/best-practices-cybersecurity-budget-research-guide\/#primaryimage"},"thumbnailUrl":"https:\/\/images.ctfassets.net\/5natoedl294r\/6ZurqqWKU1zloyUh6yeU1M\/bdb0322b7ad1a1d4bd560998dc1666ad\/Cybersecurity_budget_research_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp","datePublished":"2023-06-26T06:59:24+00:00","dateModified":"2023-06-26T07:14:18+00:00","breadcrumb":{"@id":"https:\/\/nordlayer.com\/blog\/best-practices-cybersecurity-budget-research-guide\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nordlayer.com\/blog\/best-practices-cybersecurity-budget-research-guide\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/nordlayer.com\/blog\/best-practices-cybersecurity-budget-research-guide\/#primaryimage","url":"https:\/\/images.ctfassets.net\/5natoedl294r\/6ZurqqWKU1zloyUh6yeU1M\/bdb0322b7ad1a1d4bd560998dc1666ad\/Cybersecurity_budget_research_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp","contentUrl":"https:\/\/images.ctfassets.net\/5natoedl294r\/6ZurqqWKU1zloyUh6yeU1M\/bdb0322b7ad1a1d4bd560998dc1666ad\/Cybersecurity_budget_research_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp"},{"@type":"BreadcrumbList","@id":"https:\/\/nordlayer.com\/blog\/best-practices-cybersecurity-budget-research-guide\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"Best practices on cybersecurity budget allocation: a research-based guide"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365","name":"tracylamv2","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","caption":"tracylamv2"},"url":"https:\/\/version-2.com\/en\/author\/tracylamv2\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-hMB","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/68361","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/users\/149011790"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/comments?post=68361"}],"version-history":[{"count":4,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/68361\/revisions"}],"predecessor-version":[{"id":68365,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/68361\/revisions\/68365"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/media?parent=68361"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/categories?post=68361"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/tags?post=68361"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}