AuditBoard’s FinOps engineer made a groundbreaking discovery regarding overprovisioned servers in one of the company’s cloud providers. The unnecessary servers were not only costing the company in terms of payments but also in security expenses. This realization led to significant savings for AuditBoard, with a return on investment that was tenfold.
Furthermore, to enhance cost-cutting measures, CISOs are urged to engage employees in becoming security champions. Jimmy Sanders, president of ISSA International and former head of security at Netflix DVD, highlights the importance of implementing a security champions program. This initiative involves training employees, particularly those in IT, to integrate security practices into their daily roles and share their knowledge with colleagues. By fostering a stronger security culture within the organization, this program is instrumental in reducing security costs.
The benefits of having security champions extend beyond just monetary savings. These individuals assist with basic security tasks, alleviating the burden on the security department and increasing overall operational efficiency. Additionally, a heightened security awareness among employees leads to a lower likelihood of falling victim to cyber threats, thus reducing incident response costs. Moreover, security champions are more inclined to integrate security considerations into business processes early on, minimizing the expenses associated with retroactively incorporating security measures.
By empowering employees to be proactive in enhancing security measures, organizations can not only mitigate financial risks but also cultivate a culture of vigilance and responsibility towards cybersecurity. The collaborative efforts of security champions contribute to a more resilient and cost-effective security posture, ultimately safeguarding the company’s assets and reputation from potential threats.