The White House recently announced a $1 billion cybersecurity funding program designed to help state and local governments improve their cyber defenses, specifically around protection. critical infrastructure. The recent executive order stems from a $1.2 trillion infrastructure bill that was signed nearly a year ago. That bill allocated $1 billion to protect critical infrastructure against cyberattack following a series of high-profile ransomware attacks like the Colonial Pipeline attack.
Government agencies that wish to take advantage of these funding opportunities must submit funding proposals by mid-November. Proposals are accepted only sixty days after the program’s announcement.
Grant recipients can use the funding to invest in new cybersecurity initiatives or improve existing defenses. The awardees are guaranteed to receive a minimum of $2 million. However, program requirements state that 80% of funding must be invested in local or rural communities. In addition, recipients are required to distribute at least 3% of the funds received to tribal governments.
Although companies in the private sector are not eligible for these grants, the private sector is likely to benefit indirectly. The fact that governments are increasing their focus on cybersecurity will certainly help IT security teams because of the attention that it will bring in the seriousness of addressing cybersecurity threats.
In turn, this national attention will make it easier for IT security teams to approve their budgets.
Secure your own IT security budget for 2023
Getting funding for IT initiatives can be difficult under the best of circumstances. The current economic downturn will normally make it impossible for IT security teams to get funding for new security initiatives, averting some kind of disaster. However, the emphasis the federal government is currently placing on cybersecurity can give IT professionals the opportunity to have a candid discussion about security within their organization, which ultimately. may lead to the receipt of security projects.
Here are six basic steps IT professionals can use to improve their odds of getting the funding they need:
Step one: Figure out the problem
The first step involves demonstrating to your superiors that your project is intended to protect against a credible threat. Recent headlines can help provide the evidence you need and give you an opportunity to demonstrate that if the government is taking cybersecurity threats seriously, your organization should too. In addition, if governments strengthen cyber defenses, attackers may be inclined to switch to softer targets, such as businesses that still rely on legacy security tools.
Step Two: Prove Your Point
This leads to the second step outlined in the article, which is to use the data to your advantage. This means quoting recent cybercrime statistics or using available security tools to gather statistics from your own organization that highlight the problem you’re trying to solve. handle.
Step 3: Present the solution
Next, you’ll want to highlight what your proposed solution will do. It’s one thing to prove that a security problem is real, but you also need to be prepared to explain how your intended solution will fix the problem.
Step 4: Set the date
Step 4 is all about creating an execution schedule. Those tasked with managing an organization’s finances are almost always concerned with return on investment. In other words, how long it will take for a newly purchased product to provide enough benefits to cover its costs. You need to demonstrate that the cost of your proposed solution is reasonable and that it will be implemented and provide a return on investment within a reasonable period of time. This also keeps your entire stakeholder group accountable to the agreed timeframe.
Step 5: Show them the money
During this approval process, you will need to demonstrate estimated savings to the company. Yes, your new security tool can protect your organization from catastrophic financial loss from ransomware attacks or regulatory breaches, but it’s important that you save in other ways. For example, will adopting a new tool reduce the number of overtime IT departments work?
Step 6: Do the research
Finally, you’ll want to show that you’ve looked at competing solutions and are prepared to compare prices. It’s okay if your proposed solution is not the cheapest option. Just make sure you can rationalize why you wouldn’t recommend the least expensive option.
Demonstrate the need for an IT Security Budget with data
Of course, before you can start looking for funding to strengthen your cybersecurity defenses, you need to show how vulnerable your organization can be to a cyber attack. Since many such attacks target Active Directory, you can start your data collection efforts by using Specops Password Auditor to scan your Active Directory for password vulnerabilities.
This free, read-only tool can help you detect passwords that don’t comply with your password policy or compliance requirements or industry best practices. More importantly, you can find out which users are using passwords that are believed to have been leaked from a database of more than 875 millionmakes those accounts vulnerable because their passwords are available for purchase on the dark Web.
Specops Password Auditor is just one of countless free security tools available online, but it’s a great place to start because it does a good job of detecting security vulnerabilities that actually exist right in your organization.
Get IT security funding in 2023 and test Specops Password Auditor in your Active Directory today.