Back to blog results

6월 20, 2023 By Dana Torgersen

CISOs and cybersecurity in an economic downturn: do more with less

CISOs and cybersecurity


The financial outlook for the rest of 2023 and 2024 is far from cheery, and economic uncertainty is affecting everyone and everything, including the cybersecurity sector.

Security budget cuts or freezes are the course many organizations are tempted to take in this financially precarious situation. Conservative spending is a natural response to the present economic downturn and a possible recession knocking on our doors, implying fewer clients, lower profits, and higher costs.

Should organizations like yours reduce or freeze cybersecurity spending? What can a chief information security officer (CISO) do to meet stakeholders’ expectations while keeping sight of your security team’s interests and protecting the organization?

How can cybersecurity budget cuts and freezes affect your organization?

There are good reasons to believe that security budget cuts, especially if they include layoffs, are not the most prudent way to fend off economic headwinds.

A strong correlation between an economic crisis and a substantial increase in cybercrime

As George Gerchow, Sumo Logic’s Chief Security Officer, noted during a recent HackerOne event, “Whenever there are times of high anxiety, such as an economic downturn coming off of a pandemic, bad actors are at their best.” The FBI’s annual Internet Crime Reports confirm this.

The reports from 2008 and 2009 — remember, this is the period of “the worst economic disaster since the Stock Market Crash of 1929” — show drastic increases in the complaints received compared to the years before and after the global financial crisis.

The number of complaints in 2007 was 206,884. In 2008, it grew to 275,284 — a staggering 33.1% increase compared to the previous year. In 2009, the FBI’s Internet Crime Complaint Center recorded 336,655 complaints — 22.3% more than in 2008.

For comparison and to better understand how fertile ground a prolonged economic downturn can be for cyber attacks, the number of complaint submissions in 2010 (right after the end of the crisis) not just didn’t increase but dropped to 303,809.

Complete visibility for DevSecOps

Reduce downtime and move from reactive to proactive monitoring.

Sumo Logic cloud-native SaaS analytics

Build, run, and secure modern applications and cloud infrastructures.

Start free trial
Dana Torgersen

Dana Torgersen

Senior Director, Security Product Marketing, Sumo Logic

Dana leads product marketing for Sumo Logic security solutions. He is a 17-year veteran in the information security industry with expertise in cloud threat detection and SIEM tools, endpoint detection and response, and network security technologies—including firewalls, web protection, and email security. Before joining Sumo Logic, Dana held product and technical marketing roles at JASK, Malwarebytes, Illumio, Palo Alto Networks, Intel Security, McAfee, and Secure Computing. You can follow him on Twitter @DaToTweet

More posts by Dana Torgersen.

People who read this also enjoyed