- Interest rates have limited business’ ability to finance big IT projects.
- Wage pressure has dramatically impacted the cost of internal IT staff and leaders, as well as systems consultants.
- Unprecedented rise in Cybersecurity incidents and ransomware attacks, coupled with the well-documented shortage of skilled information security professionals, has made it very challenging for non-Fortune 100 companies to hire and retain suitably skilled Information security team members that have experience in mitigating these risks. Training up existing IT personnel may not be practical or a “best use” of funds.
- Once budget-able fixed costs for hosted, outsourced basic IT services (e.g.; managed service providers / MSP’s) have increased across the board; related project fees have increased, and software fees are all up.
- Cyber insurance isn’t covering certain losses – if you do your homework, you’ll learn that a certain percentage of cybersecurity damage claims are being denied. Businesses who invested in premiums but didn’t comply with certain requirements to keep their internal information security house in order – are finding that various claims are being denied and thus now incur costs of ransomware and other cyber losses.
Simple message –
This is not the year to budget based on “same, or 5% increase, on last year”. The threat landscape has changed; money is “more expensive”, cybersecurity is a seriously overriding risk to business digital assets like never before, and there is a clear skill gap in areas that impact the continuity of all businesses.
We strongly recommend that you reconsider where to allocate your 2024 IT spend.
This is more than determining “how much” to spend for the year – but also what areas to spend it on, and assessing the value to the business that is achieved by the spend, among each area. Too many times this past year our team has met with business executives who thought their IT was secure, only to find out just how many threats were happening, real-time.
Just because it’s been budgeted, and IT has spent money on their allocated budget, doesn’t mean that things were done properly.
This really is a good time to assess IT spend from a governance-level, not just based on the IT team’s desired approach. Ultimately, management is responsible for the continuity of a business – and determining a suitable mix of behavior and activities to achieve that responsibility. IT spend is no different. Please ask the tough questions of your IT team, if you’re overseeing the budget for ’24. If you want help, we’re happy to engage but, either way – please consider ’24 not to be IT business spend, as usual.
Have a great holiday season – and warm wishes for a peaceful new year.
Certain resources from our team:
- A free, independent guide to help stop ransomware: #StopRansomware Guide | SingerLewak
- Our Balancing Act podcast with Clar Rosso, CEO of ISC2, focusing on challenges with adequate cybersecurity skill, world-wide (found among other resources on our SL Cybersecurity web page SL Cybersecurity | SingerLewak).
– Bob Green, CPA.CITP, CGMA – Lead Partner, SingerLewak Business Informatics