I've heard quite a few cybersecurity folks lament the fact that security is a cost center by nature. I think that categorization is simultaneously apt and awful. Development costs, too. But...
I've heard quite a few cybersecurity folks lament the fact that security is a cost center by nature. I think that categorization is simultaneously apt and awful. Development costs, too. But development creates marketable products. In my opinion, good security practices are/can be/should be seen as marketable as well. The more people get their data breached and stolen from hack after hack caused by insufficient investment in security, the more exasperated they get at the widespread collection of their data going hand in hand with the inability to keep that data secure.
It shouldn't be seen as a cost center if doing so discourages the implementation of decent security practices. Recategorize it any way ya need to, financially. Market it. Invest in it. Wear it as a badge of pride to stand out as a company that gives a dang amidst a vast swath of carelessness. I dunno. Just know that throwing security in the can because it's an expensive hassle is a recipe for disaster... after disaster... after disaster.
I've heard quite a few cybersecurity folks lament the fact that security is a cost center by nature. I think that categorization is simultaneously apt and awful. Development costs, too. But development creates marketable products. In my opinion, good security practices are/can be/should be seen as marketable as well. The more people get their data breached and stolen from hack after hack caused by insufficient investment in security, the more exasperated they get at the widespread collection of their data going hand in hand with the inability to keep that data secure.
It shouldn't be seen as a cost center if doing so discourages the implementation of decent security practices. Recategorize it any way ya need to, financially. Market it. Invest in it. Wear it as a badge of pride to stand out as a company that gives a dang amidst a vast swath of carelessness. I dunno. Just know that throwing security in the can because it's an expensive hassle is a recipe for disaster... after disaster... after disaster.
tl;dr:
market doesn't reward security
solution: